If, like me, you have ever wanted to wake up your computers at home from a remote location to grab some files or start some tasks off, then you need Wake on LAN (WOL). This technology has been around for a while and basically allows a computer to wake up when it receives a special UDP packet which contains 16 copies of its MAC address. Do a search on Wikipedia if you want to learn more about how the technology works. You will also have to ensure that your PC is capable of using WOL and that your OS is set up to allow it.
We need some way of broadcasting the WOL packet onto the LAN from the internet.
Firstly add the ip directed-broadcast command to the LAN interface to which your PC is connected. This allows the router to "explode" a unicast packet into a broadcast on your LAN.
We now need to create a static NAT entry which will translate the destination of your packet from the internet to the broadcast address on the LAN. In this case we are using port 7, but you could use any port of your choice for this. We input the following command:
ip nat inside source static udp 192.168.1.255 7 interface Dialer0 7
Now when you send your special WOL packet over the internet to your external interface address (in this case our dialer interface) on UDP port 7, it gets NAT'd to the broadcast address on our LAN. Thanks to ip directed-broadcast being turned on, it is then received by all devices on the LAN. Obviously you will need to allow traffic to UDP port 7 on your external ACL as well.
When your PC sees this packet containing its MAC repeated 16 times, it will wake up (assuming all is configured correctly).
There are plenty of free programs available you can use to generate this WOL packet. I would not recommend leaving port 7 wide open on your ACL permanently as clearly people could start flooding your LAN with broadcast traffic. Perhaps you could secure it with a lock-and-key ACL which would only open this port up once you have successfully authenticated via TACACS or SSH.