Tag: Wake On Lan

How To – Enable Wake On Lan using a Cisco ASA

I wrote instructions for how to configure Wake On Lan forwarding using a Cisco IOS device, this article will focus on how to configure a Cisco ASA firewall.

Wake On LAN is an Ethernet standard that allows for a device to be powered on when receiving a specially crafted “magic packet”. The “magic packet” is a broadcast frame consisting of 6 bytes of 255 (FF FF FF FF FF FF) followed by sixteen repetitions of the 48-bit MAC address. Turned off computers receiving the broadcast don’t actually process the message up the protocol stack, they are just looking out for a matching 102-byte string.

From what I can tell, unlike Cisco IOS the ASA doesn’t support “IP Directed Broadcasts”, likely to prevent Smurf Attacks. However with some clever NAT rules it’s possible to achieve something similar by using NAT to translate the inbound unicast packet and send it on to the broadcast address for your internal subnet.
Continue reading How To – Enable Wake On Lan using a Cisco ASA

How To – Enable Wake On LAN using a Cisco router

Wake On LAN is an Ethernet standard that allows for a device to be powered on when receiving a specially crafted “magic packet”. The “magic packet” is a broadcast frame consisting of 6 bytes of 255 (FF FF FF FF FF FF) followed by sixteen repetitions of the 48-bit MAC address. Turned off computers receiving the broadcast don’t actually process the message up the protocol stack, they are just looking out for a matching 102-byte string.

Because of this we can use a UDP datagram to remotely wake up a computer from somewhere else on a routed network. Here’s how you can achieve this using Cisco IOS.

The first thing we need to do is setup a static NAT entry for the UDP port we wish to use (usually 7 or 9), so that our “magic packet” is forwarded from our external interface to the host we want to power on. In the below example the IP address of the system we’re going to wake up is 192.0.2.1 and the external interface is ATM0.1:

ip nat inside source static udp 192.0.2.1 7 int ATM0.1 7

Next up we need to create an access-list that will contain the IP addresses of systems we’ll be sending the Wake On LAN message from:

access-list 10 permit host 198.51.100.1

Finally we need to enable “directed broadcasts”. This enables packets sent to the subnet broadcast address to be sent from hosts that are not part of that subnet. Again, in the below example our external interface is ATM0.1:

int ATM0.1
ip directed-broadcast 10

You’ll then need to enable Wake on LAN on the device itself. Once that’s done you can use online services or free applications to wake your device.