# [FAILED] Wake-On-Lan fails over Internet

## midnite

i have just sorted WOL on my Gentoo box (in this post). Now i would like to wake my computer over the Internet, as i am going to study overseas soon.   :Cool: 

i guess, as long as i have made it within LAN, it won't be a problem to do it over the Internet. My goal should be letting the magic packet route through the Internet, reach my router at my public IP, and do NAT port forwarding to my box (or just broadcast it within the LAN). Wiki Wake on Internet does say something similar to this. *wiki wrote:*   

> In the absence of a VPN, a computer connected to a router can be woken if a magic packet sent over the Internet is routed to it. This requires any firewall to be set up to allow entry of the WOL signal to a specified port. The port can be forwarded to the computer to be woken up; or some routers permit the packet to be broadcast to the entire LAN.

 

Yet i failed...

First, i don't find WOL related settings, nor broadcast settings in my router configure webpage. Then i use NAT virtual server port forwarding. i tried with forwarding both port 7 & 9. For the destination IP, i have tried192.168.1.2 (my box)

192.168.1.1 (should be the router itself)

192.168.1.0

192.168.1.255

255.255.255.255

0.0.0.0But ALL failed   :Crying or Very sad: 

i used this web based magic packet generator, and also a software run in a computer within the LAN (but use destination=my public IP) for testing. But, as i have said, all fail.

It is even odd that i have set the demilitarized zone (DMZ) to 192.168.1.2 (my box), it still does not work!!! (how come?)

i doubt,if that web based magic packet generator is generating valid magic packets?

if it is fine for me to generate a packet to my public IP from a computer within the LAN?

if WOL accepts only UDP, but not TCP? and UDP can be lost easily...

if i can set my router to broadcast packets going to port 7 & 9? i suppose, forwarding to 192.168.1.255 or 255.255.255.255 should work?

Any input is greatly appreciated!!!

----------

## wah_wah_69

I've heard about routers blocking magic packets without possibility to fix without a firmware change.

Here's a tcl/tk script for generating/sending the magic packet, it uses by default UDP 32767.

http://wiki.tcl.tk/15423

Searching for on google "wake on lan 32767" hits a lot of interesting results.

----------

## desultory

Moved from Off the Wall to Networking & Security.

----------

## dmpogo

Properly, your router should forward the port that Magic Packet generator uses to LAN broadcast address, i.e. 192.168.1.255.

You need to make sure what exactly port the your generator uses. It may not be 7 or 9. For example net-misc/wol  uses port 40000

by default (but it allows to choose it to your liking), if man page is to be believed.

Even then, it is not assured that Magic Packet will reach your router, since it may be blocked along the way by ISP routers.

----------

## Naib

can you remote login to your router?

There are 3 methods I can use to WoL a machine at home when I am elsewhere

1) my router (which I can enable to config on the WAN) has a WoL option 

2) my router is linux-based and I can ssh into it

3) I have a server always on which I can ssh into and use a python script to WoL other machines

----------

## devilheart

why don't you set up a vpn? it should be safer if you want to do operations over internet

----------

## midnite

Thanks ALL of you guys for helping!!!

First of all, i would like to ask: Is there anyone can wake their computer by the depicus web-based program?

(this one: http://www.depicus.com/wake-on-lan/woli.aspx)

To prove where is the problem, this is essential as i use that for testing WOL over Internet. So, would you please do me a little favour?   :Wink:   (i think sending from a pc within LAN to my public IP may not work and may make things complicated)

And also, if i have already set DMZ to 192.168.1.2 (that box), and failed to wake it with the depicus program. Does it mean no hope? (may be as dmpogo said: blocked by the ISP   :Crying or Very sad:  )

i have a finding.

 - i used the "waker" within LAN, sending to 192.168.1.255, and it works!

 - How ever, packet over the Internet, port forwarding to 192.168.1.255, fails.

i have an idea. The magic packet needs to be broadcast because the off-ed computer has no IP yet. (Is it true?) When the router does address resolution on 192.168.1.2, no one (computer) answers. This is because that box still have not recognise itself as 192.168.1.2 yet, or it "sees" only the magic packet, but not responding to the ARP packet. So, port forwarding to 192.168.1.2 will never work. (Is it true?)

And somehow, as wah_wah_69 said, my router is blocking the magic packet, or ignoring port forwarding to 192.168.1.255. (may be)  :Confused: 

* this idea is somehow proved by sending to 192.168.1.2 within LAN, but failed to wake.

Naib, thanks for your suggestions. i can login to my router configuration webpage from the Internet. But there is no WOL option. Those webpages are having .asp extension. So i guess it is not Linux and cant SSH. And also, i won't have another computer which will stay on always. In fact, the one i want to wake is the server - which may stay up the longest   :Laughing: 

devilheart, i guess my basic router does not have the VPN capability. If i set up the VPN just for waking up the machine, will it be a waste? i guess SSH is still secure nowadays. (i am not sure)

Thanks again for all of your kindly helps!! And also thanks desultory for moving.

----------

## eccerr0r

Wake on LAN 'magic' packets tend to not be routed through the internet.  It can be encapsulated into a UDP packet that is broadcast on the LAN.

Basically these remote services is depending these UDP packets are sent to the destination network broadcast.  If the end router does not support broadcasting UDP then it won't work.  Basically you have to have a non-NAT public IP address for your computer for these web services to send WOL packets.  There are a lot of reasons why not (I sure don't want random people turning on my computer...)

For the most part I'm not sure how you can specify an end network if your network is on private IP -- it's gated by your router.  There's no way to route from remote.  The only way you can get this to work is if you install a WOL net client on your router that you can specify to send onto your LAN.  Unfortunately most home routers aren't hackable and you're SOL on this.  BTW- the poorly named "DMZ" on most routers typically only transmits TCP, and may not broadcast to the NAT address, so still no solution there.

If you have a Linux router, things get interesting.  Assuming you don't have a Linux router, for the most part, I've found WOL to be fairly unreliable anyway, and simply leave my machine on.  I was away from my machine for about a year and it was OK all alone...  If you really need a low power solution, get a low power PC to run 24/7 that you can log into, and have that machine send WOL packets to your higher powered PC.  And that 'low power pc' can be your Linux router, which is why it's "interesting"  :Smile: 

----------

## midnite

done with port 8900  :Very Happy: 

----------

## midnite

The situation was:i updated the official firmware of my router.

my settings preserve except one: i did port forwarding of port 7 and 9 to 192.168.1.2 (or .255? i cant remember well). But now it changed to forward port 8900 to 192.168.1.2

my public IP has changed also because of my update.

so i use the depicus waker with my new IP and port 8900 and try.

then it works! It works, it works, it works, it worked for a few times also. Yet after about half an hour, i would like to try again. It fails, until now  :Crying or Very sad: 

i wonder if it works for a new IP. So i did disconnect, wait for a while, reconnect to get a new IP. Yet i still have not succeeded with it.

----------

