Doing a Wake-On-Lan (WoL) over the internet.
Introduction
Here’s how to wake a system up remotely.
Inside the Machine
First, be sure the BIOS is properly configured for WoL. After that, run the following command to see if it’s supported by your card:
sudo ethtool eth0
The result should look something like this:
Settings for eth0: Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Supports auto-negotiation: Yes Advertised link modes: Not reported Advertised pause frame use: No Advertised auto-negotiation: Yes Link partner advertised link modes: Not reported Link partner advertised pause frame use: No Link partner advertised auto-negotiation: No Speed: 100Mb/s Duplex: Full Port: Twisted Pair PHYAD: 0 Transceiver: internal Auto-negotiation: on MDI-X: Unknown Supports Wake-on: pg Wake-on: d Current message level: 0x0000003f (63) Link detected: yes
Notice the Supports Wake-on
and Wake-on
properties. Here’s how to decode them:
p Wake on phy activity u Wake on unicast messages m Wake on multicast messages b Wake on broadcast messages a Wake on ARP g Wake on MagicPacket™ s Enable SecureOn™ password for MagicPacket™ d Disable (wake on nothing). This option clears all previous options.
For this tutorial, I just use the g
option. By default, it’s usually set to d
. Just type this to change it to g
:
sudo ethtool -s eth0 wol g
Run sudo ethtool eth0
again and check Wake-on
to see if it worked.
Inside the LAN
After your BIOS is properly configured, turn off the machine and try sending the wake message from inside the LAN. Use the wakeonlan
utility. It usually does not come by default but is often available by apt-get install wakeonlan
.
You’ll need the system’s MAC ID, by typing ifconfig
and you should see something like:
eth0 Link encap:Ethernet HWaddr 00:12:34:56:77:88
inet addr:192.168.0.206 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:121930 errors:0 dropped:0 overruns:0 frame:0 TX packets:100023 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3836347 (3.8 MB) TX bytes:1836 (1.8 KB) Interrupt:27 Base address:0xc000lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1⁄128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:710806 errors:0 dropped:0 overruns:0 frame:0 TX packets:710806 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:66446307 (66.4 MB) TX bytes:66446307 (66.4 MB)wlan0 Link encap:Ethernet HWaddr 00:11:22:33:45:66
inet addr:192.168.0.207 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1238388 errors:0 dropped:0 overruns:0 frame:0 TX packets:924491 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:943593318 (943.5 MB) TX bytes:124590574 (124.5 MB)
The following line gives the MAC ID:
eth0 Link encap:Ethernet HWaddr 00:12:34:56:77:88
HWaddr is what you want. eth0 is the wired connection and wlan0 is wireless. Likely, wireless will NOT work.
Now write down the HWaddr and halt the target machine. Then, type this:
wakeonlan 00:12:34:56:77:88
The machine should turn itself on in a matter of minutes.
WoL over the Internet
Now, try to monitor for the packet with this command:
sudo tcpdump -i eth0 udp port 9
Run wakeonlan
locally and you should see something like this:
22:42:22.017251 IP yourmachine.local.52793 > 255.255.255.255.discard: UDP, length 102
It should happen every time you execute the wakeonlan
command. Keep this running. It will tell us if the packet is actually getting through without having to constantly power down the target machine.
Now find your external IP address. I like using http://whatsmyipaddress.com. Now try to send a packet to your target IP address (eg 1.2.3.4 shown below) from your external Internet machine:
wakeonlan -i 1.2.3.4 00:12:34:56:77:88
If you see the packet in tcpdump
, great. If not, go to the next section.
Getting WoL through a Firewall
Keep the tcpdump mentioned above running. Then, go into the router configuration and set udp port 9 traffic to be sent to the IP address 255.255.255.255. This is the “broadcast” address. This is great for home use and testing, but not a good idea in a big organization as every IP on your LAN will see the packet.
Now, try the wakeonlan again. Be sure tcpdump caught it. If not, check your router configuration again.