Doing a Wake-On-Lan (WoL) over the internet.


Here's how to wake a system up remotely.

Inside the Machine

First, be sure the BIOS is properly configured for WoL. After that, run the following command to see if it's supported by your card:

sudo ethtool eth0

The result should look something like this:

Settings for eth0:
        Supported ports: [ TP ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: Yes
        Link partner advertised link modes:  Not reported
        Link partner advertised pause frame use: No
        Link partner advertised auto-negotiation: No
        Speed: 100Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: on
        MDI-X: Unknown
        Supports Wake-on: pg
        Wake-on: d
        Current message level: 0x0000003f (63)
        Link detected: yes

Notice the Supports Wake-on and Wake-on properties. Here's how to decode them:

              p  Wake on phy activity
              u  Wake on unicast messages
              m  Wake on multicast messages
              b  Wake on broadcast messages
              a  Wake on ARP
              g  Wake on MagicPacket(tm)
              s  Enable SecureOn(tm) password for MagicPacket(tm)
              d  Disable (wake on nothing).  This option clears all previous options.

For this tutorial, I just use the g option. By default, it's usually set to d. Just type this to change it to g:

sudo ethtool -s eth0 wol g

Run sudo ethtool eth0 again and check Wake-on to see if it worked.

Inside the LAN

After your BIOS is properly configured, turn off the machine and try sending the wake message from inside the LAN. Use the wakeonlan utility. It usually does not come by default but is often available by apt-get install wakeonlan.

You'll need the system's MAC ID, by typing ifconfig and you should see something like:

eth0      Link encap:Ethernet  HWaddr 00:12:34:56:77:88  
          inet addr:  Bcast:  Mask:
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:121930 errors:0 dropped:0 overruns:0 frame:0
          TX packets:100023 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3836347 (3.8 MB)  TX bytes:1836 (1.8 KB)
          Interrupt:27 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:710806 errors:0 dropped:0 overruns:0 frame:0
          TX packets:710806 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:66446307 (66.4 MB)  TX bytes:66446307 (66.4 MB)

wlan0     Link encap:Ethernet  HWaddr 00:11:22:33:45:66  
          inet addr:  Bcast:  Mask:
          RX packets:1238388 errors:0 dropped:0 overruns:0 frame:0
          TX packets:924491 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:943593318 (943.5 MB)  TX bytes:124590574 (124.5 MB)

The following line gives the MAC ID:

eth0 Link encap:Ethernet HWaddr 00:12:34:56:77:88

HWaddr is what you want. eth0 is the wired connection and wlan0 is wireless. Likely, wireless will NOT work.

Now write down the HWaddr and halt the target machine. Then, type this:

wakeonlan 00:12:34:56:77:88

The machine should turn itself on in a matter of minutes.

WoL over the Internet

Now, try to monitor for the packet with this command:

sudo tcpdump -i eth0 udp port 9

Run wakeonlan locally and you should see something like this:

22:42:22.017251 IP yourmachine.local.52793 > UDP, length 102

It should happen every time you execute the wakeonlan command. Keep this running. It will tell us if the packet is actually getting through without having to constantly power down the target machine.

Now find your external IP address. I like using Now try to send a packet to your target IP address (eg shown below) from your external Internet machine:

wakeonlan -i 00:12:34:56:77:88

If you see the packet in tcpdump, great. If not, go to the next section.

Getting WoL through a Firewall

Keep the tcpdump mentioned above running. Then, go into the router configuration and set udp port 9 traffic to be sent to the IP address This is the "broadcast" address. This is great for home use and testing, but not a good idea in a big organization as every IP on your LAN will see the packet.

Now, try the wakeonlan again. Be sure tcpdump caught it. If not, check your router configuration again.


Your rating: None Average: 5 (2 votes)