1. Martin S Taylor - 23 July 2008

    Anyone have any experience of Wake-on-LAN? I can get it to work on the LAN, but can't get it to work across the WAN to wake my father's computer.

    I'm running the WakeOnLan program; I'm using the IP address of his router[1], and the MAC address of his iMac. But it doesn't wake up.

    (I've set "Wake for Ethernet network administrator access" on his machine, obviously.)

    Googling around, I found this:

    "If you wish to use Wake On Lan over the internet you will need to set up your destination firewall/router to allow "Subnet Directed Broadcasts". Most routers and firewalls disable this option by default."

    Could this be the problem? Can anyone help as to where this option is on a Netgear DG834G?

    Cheers,

    Martin S Taylor

    [1] At least, I am when Virgin stop moving it around. How can a major ISP not offer static IP addresses?

  2. Adrian C - 23 July 2008

    Martin S Taylor wrote:

    "If you wish to use Wake On Lan over the internet you will need to set up your destination firewall/router to allow "Subnet Directed Broadcasts". Most routers and firewalls disable this option by default."

    google "DG834G wake on lan"

    "Subnet Directed" is "port forwarding" by another name.

    Though this seems to need firmware hacking :-(
    <http://dg834wol.altervista.org/>

    Adrian C

  3. Arthur - 23 July 2008

    Martin S Taylor wrote:

    Anyone have any experience of Wake-on-LAN? I can get it to work on the LAN, but can't get it to work across the WAN to wake my father's computer.

    I never got this to work when I tried but I found
    http://www.depicus.com/wake-on-lan/woli.aspx

    I also recall a suggestion to route packets from that IP address to x.x.x.255 at the destination router.

    When I asked Zyxel if my router could generate WOL packets from the admin interface they said no, but it was a good idea!

    Arthur

  4. Woody - 23 July 2008

    I didn't know there was any way of enabling it. I would certainly be very careful about enabling that sort of thing, unless there was a way of ensuring where it came from.

    [1] At least, I am when Virgin stop moving it around. How can a major ISP not offer static IP addresses?

    Because most people don't really need one. In this circumstance it would be a bit of an overkill to have a static IP address.

    Woody

  5. Martin S Taylor - 23 July 2008

    So I'm hoping the Netgear will only accept this kind of package from a specified IP address. For instance, I've configured it so that it can only be accessed for remote administration from my home IP.

    So how am I supposed to use Screen Sharing if I don't know the IP address?

    MST

  6. Chris Ridd - 23 July 2008

    Guess?

    Or better, use one of the free Dynamic DNS services. Some routers support these directly.

    Cheers,

    Chris

  7. Martin S Taylor - 23 July 2008

    Hmmm. I (think I) understand port forwarding on the DG834G, so why does it need firmware hacking?

    Though this seems to need firmware hacking :-( <http://dg834wol.altervista.org/>

    This appears to be a firmware hack of v3 and v4 of the firmware. Since Dad's router is running v5.01.01 I'm beginning to think that it's easiest just to phone him up and ask him to wake the thing from sleep himself.

    MST

  8. Adrian C - 23 July 2008

    Martin S Taylor wrote:

    So how am I supposed to use Screen Sharing if I don't know the IP address?

    There are ways. Sometimes 'dynamic addresses' aren't really that dynamic. I have a 'sticky' one here on BE broadband. Hasn't changed for years!

    What you can do is register for a service like DynDNS and your router my support this informing DynDNS when your external IP changes. <http://www.dyndns.com/services/dns/dyndns/>

    Adrian C

  9. Woody - 23 July 2008

    Wise choice.

    Dynamic DNS. I have been using that on my mums computer for the last 4 years or so and it works very well.

    I have recently been told some routers have that built in, although presumably if he is with virgin he is on cable, so not one of those (my mum is on virgin/ex blueyonder). She has a free dyndns account <http://www.dyndns.com/>.

    Now you can do screen sharing with iChat if you don't even want to do that (don't know it works, I just have a link to my mums computer in the servers panel)

    Woody

  10. Adrian C - 23 July 2008

    Then you need 'Wake-on-Nap' which might not do (!)

    I don't have that router so I don't know if that is the right web page you should be heading for, but there are the tools and sources there for a recompile of the current firmware released under GPL. Of course these routers (and similar from linksys) are hacked to do a lot of other things.

    (I'm adding the following for general interest)

    Regarding security, I run Wake-On-Lan through my router (BE Box) and it did need a bit of poking around the its CLI interface to help it remember statically an internal ARP route for the destination machine IP address that's normally wiped (including MAC address) from the router's routing table whe the destination machine's ethernet interface is taken down through the OS.

    The UDP port standard seems to be 7 (or 9, depends on hardware) - but another thing I can do in port forwarding is locate this externally to a higher number in the thousands - and map this in the router back down to 7.

    Finally my incoming machine to which everything is directed is a Linux box running a VPN server. Access to the rest of my home network is thus on an encrypted link and hopefully secure*.

    * - famous last words

    Adrian C

  11. Martin S Taylor - 23 July 2008

    No, he's with Virgin, but it's ADSL, and the router does have Dynamic DNS built in!

    Now you can do screen sharing with iChat if you don't even want to do that (don't know it works, I just have a link to my mums computer in the servers panel)

    Yes, but that depends on Dad being there to accept the iChat request.

    (Actually, it seems he has to be there to wake the computer up from sleep, but I didn't know that when this thread started!)

    MST

  12. Jon B - 23 July 2008

    Nope the Virgin ones regenerate every time the router reboots annoyingly.

    Jon B
    Above email address IS valid.
    <http://www.bramley-computers.co.uk/> Apple Laptop Repairs.

  13. Martin S Taylor - 23 July 2008

    Adrian C wrote

    Yes, I know. It's the same for every ISP I've ever encountered until today. Dad's IP address changes every time you reboot the router.

    Dynamic DNS here we come.

    MST

  14. David Sankey - 23 July 2008

    You don't need to broadcast to the subnet (you just need the machine to see the magic packet).

    You don't need to use the 'standard' port (you just need the machine to see the magic packet).

    If the machine that you want to wake has a static address, you just need to port forward the incoming port to that address.

    So if you've already got (say) ssh forwarded to the relevant machine, a correct magic packet sent to your external ssh port on your router could do the trick.

    If your router remembers where the relevant machine is (which is what you circumvent by going to a broadcast packet).

    Kind regards,

    Dave

  15. Adrian C - 23 July 2008

    David Sankey wrote:

    If your router remembers where the relevant machine is (which is what you circumvent by going to a broadcast packet).

    Nope and yeah :-)

    The magic packet by definition has a broadcast frame* and is carried over the internet as such to the external IP of the router. The router can direct "port forward" this broadcast packet to the specific interface. Hence "Subnet Directed Broadcast".

    It does not mean the need to broadcast it to every machine on the subnet - it's just a packet which looks like a broadcast!

    * - http://en.wikipedia.org/wiki/Wake_on_lan

    Adrian C

  16. Martin S Taylor - 23 July 2008

    David Sankey wrote

    If your router remembers where the relevant machine is (which is what you circumvent by going to a broadcast packet).

    I think that's the problem. The router only forwards packets to ports where there's an active machine connected, and since the machine is asleep, the router can't see anything connected to that LAN IP address, so doesn't forward the packet.

    Is that it?

    MST

  17. Graham J - 23 July 2008

    It has nothing to to with what the router can "see".

    Wake on LAN works when you send packets from the LAN - yes? The switch in the router is the same switch that is used to pass packets arriving from the WAN - yes?

    The interface in the computer has some power supplied, this is how it recognises the incoming packet which tells it to wake. The packet has to be broadcast so that the network switch sends it out of all ports; but it carries in its payload the MAC address of the interface so that it wakes the correct computer. The broadcast is at the MAC address level [i.e. level 2] (so it knows nothing about higher level protocols such as TCP/IP [level 3]). Your router must therefore receive the "magic packet" and broadcast it to your LAN. As discussed in the Wikepedia article, routers explicitly do not do this by default for security reasons.

    When the computer wakes, its network interface goes through usual start-up procedure. It sends packets to complete its ARP (address relolution protocol) so that it learns the MAC address of the DHCP server. It then sends DHCP requests to get itself an IP address & mask, and default gateway. The DHCP server (generally in the router) may recognise that it has seen this machine before and allocate it the same IP address as previously. In summary, the computer must wake up before it gets an IP address.

    Graham J

  18. David Empson - 23 July 2008

    Create your own free domain name at www.dyndns.com, and set up your DG834(G) to automatically refresh it.

    Worked fine for me when I had a dynamic IP address and a DG834. I'm still using it, even though I have a static IP address now (and a different router).

    David Empson
    dempson@actrix.gen.nz

  19. Martin S Taylor - 23 July 2008

    Thanks. That makes it much clearer.

    However,

    Your router must therefore receive the "magic packet" and broadcast it to your LAN. As discussed in the Wikepedia article, routers explicitly do not do this by default for security reasons.

    because of this, there doesn't seem to be a solution to the problem.

    MST

  20. David Empson - 23 July 2008

    The best solution would be if the router itself provided a Wake on LAN feature via its management interface, and you can securely connect to that via the Internet.

    Beats me why I haven't seen this in any of the relatively cheap routers I've encountered.

    Should be easy enough to add with a Linux-based router that has a command prompt, but I haven't gone looking for command line Wake on LAN tools.

    David Empson
    dempson@actrix.gen.nz

  21. Sak Wathanasin - 23 July 2008

    No, it's not: they mean "broadcast". Broadcasts are not forwared by any router (if they did, a simple typo would flood the Internet). It would require special code in the router firmware to do the incoming WOL pkts and re-boardcast it on the LAN. The latest Vigor routers (2700/2820) support this (though I haven't tried using it); don't know if anything else does.

  22. Sak Wathanasin - 23 July 2008

    On 23 Jul, 17:43, David Sankey wrote:

    You don't need to broadcast to the subnet (you just need the machine to see the magic packet).

    You don't need to use the 'standard' port (you just need the machine to see the magic packet).

    So how do you do that? The machine is asleep: it doesn't have an IP address, and won't have one till it wakes up. And it won't wake up until it (or rather the e-net chip) sees the magic packet. Catch-22. That's why you need a broadcast or be able to direct a pkt at a specific MAC address (no good looking in the ARP table - it'll have aged out).

  23. Sak Wathanasin - 23 July 2008

    On 24 Jul, 08:12, David Empson wrote:

    Beats me why I haven't seen this in any of the relatively cheap routers I've encountered.

    Latest Vigors have this - 2700, 2820.

  24. Chris Ridd - 23 July 2008

    The Tomato firmware for Linksys boxes has this.

    Cheers,

    Chris

  25. David Sankey - 23 July 2008

    Well, as that wikipedia page says: "The Magic Packet is a broadcast frame containing anywhere within its payload 6 bytes of ones FF FF FF FF FF FF followed by sixteen repetitions of the target computer's MAC address."

    The important thing is this payload. What you need is that a packet is visible on the network interface of the machine which you wish to wake which contains (somewhere) this specific data.

    You achieve this either by having the switch in your router remember which LAN port this machine had been on, or by broadcasting it to all ports.

    That at the time it is woken the machine has no IP address is not important, what is important is the network activity on its network port.

    If you have port forwarding already defined, I would certainly try a WOL packet sent to this port on the router's WAN interface. Given the lack of activity on the LAN there is a chance that the switch remembers which port previously corresponded to the machine in question (or it might be possible to disable the flushing of this information).

    Or you can see if you can trick your router into broadcasting, by forwarding any port you like on your external interface to any port you like on the broadcast address for your LAN (i.e. something like 192.168.0.255).

    A final way to frig this with a directed packet is if you have a machine that is always on on your LAN (in my case, a networked all-in-one). If you put this machine on a hub (NOT switch) and have the machine to be woken connected to this hub, it will see the magic packet sent to the known machine.

    Good luck,

    Dave

  26. Sak Wathanasin - 23 July 2008

    On 24 Jul, 08:12, David Empson wrote:

    Should be easy enough to add with a Linux-based router that has a command prompt, but I haven't gone looking for command line Wake on LAN tools.

    Loads available. I have one on my Linux box in the office which is on all the time as it's the mailserver and I can ssh to it and wake up any of the Macs as required.

  27. Sak Wathanasin - 23 July 2008

    On 24 Jul, 10:04, David Sankey wrote:

    If
    you put this machine on a hub (NOT switch) and have the machine to be woken connected to this hub, it will see the magic packet sent to the known machine.

    Only if the e-net i/f of the target m/c was in "promiscuous" mode. Can you put the i/f to sleep in this mode? Has amyone tried this?

  28. Martin S Taylor - 24 July 2008

    This we can do.

    Given the lack
    of activity on the LAN there is a chance that the switch remembers which port previously corresponded to the machine in question (or it might be possible to disable the flushing of this information).

    Or you can see if you can trick your router into broadcasting, by forwarding any port you like on your external interface to any port you like on the broadcast address for your LAN (i.e. something like 192.168.0.255).

    The router won't let me forward to 192.168.0.255 ('invalid IP address').

    Forwarding to any other address (specifically 192.168.0.2, which is always Dad's computer's IP address on the LAN) is possible, but doesn't work.

    MST

  29. Martin S Taylor - 24 July 2008

    Chris Ridd wrote

    So why did you lot recommend the Netgear? :-)

    MST

  30. Woody - 24 July 2008

    Who are you refering to with 'you lot'?
    I wouldn't recommend a netgear even if I was getting money to do so [1]. The one (and its replacement when it died after two weeks) I had was the most unreliable router I have ever had, and I have had a few. No way would I ever get another of those.

    The user interface is quite good (not as good as the belkin), but what is the use of a good user interface when the router itself is made out of cheese[2].

    [1] Obviously this depends on the _amount_ of money, but still [2] Technically this point may be factually incorrect in its actual dairy content.

    Woody

  31. David Sankey - 24 July 2008

    Netgear eh?

    Thinks VPN.

    Thinks <http://discussions.apple.com/thread.jspa?messageID=7406648>

    Just make sure your private network is different from the far end, so that the routing tables know what to do.

    VPN is how we do this with our Windows boxes from abroad (VPN back to base, send WOL to our subnet, RDC into the beast). Haven't tried it with my backup server yet, but should all work...

    Kind regards,

    Dave

  32. Chris Ridd - 24 July 2008

    I wouldn't have. The last Netgear box I had was a couple of years ago and had this wierd bug where after a while it would byte swap DNS responses. Not recommended by me at all!

    I'd go for a Linksys model again, but only if I knew non-Linksys firmware could be had for it.

    Cheers,

    Chris

  33. zoara - 24 July 2008

    The Netgears do. Works flawlessly.

    -z-

    am forget my password of mac,did you give me
    password on new email marko.[redacted]@yahoo.com

  34. Woody - 24 July 2008

    Hard to imagine anything on a netgear working flawlessly

    Woody

  35. Chris Ridd - 24 July 2008

    The power socket? It gets good use.

    Cheers,

    Chris

  36. Woody - 24 July 2008

    Actually the box it came in was quite well designed I noticed the couple of times I packed them to take them back to the shop!

    Woody

  37. Martin S Taylor - 24 July 2008

    Woody wrote

    Well not you, obviously.

    Actually I'm pleased the router I chose has a pretty simple interface, as while working remotely I turned off NAT (accidentally, in case you were wondering) and when this rebooted the router (thereby - courtesy of Virgin - changing the external IP address) I couldn't access Dad's router and Dad couldn't access the Internet.

    I had to talk him through turning NAT back on over the phone, doing the commands purely from memory. Scary, but he's good at following directions and we got through it.

    MST

  38. Sak Wathanasin - 24 July 2008

    On 24 Jul, 11:35, David Sankey wrote:

    VPN is how we do this with our Windows boxes from abroad (VPN back to base, send WOL to our subnet, RDC into the beast). =A0Haven't tried it with my backup server yet, but should all work...

    Can't see how this would work either: broadcasts and multicasts don't get sent through a VPN. Hence, the problems with browsing through a VPN - it afflicts Bonjour, NetBIOS, DHCP and so on; none of these will work without either some kind of helper/proxy or a special kludge in the VPN implementation to forward pariticular kinds of b/casts.

  39. Adrian C - 24 July 2008

    Martin S Taylor wrote:

    The router won't let me forward to 192.168.0.255 ('invalid IP address').

    Forwarding to any other address (specifically 192.168.0.2, which is always Dad's computer's IP address on the LAN) is possible, but doesn't work.

    The sad story is that it won't work on this particular router. All my googling leads to the conclusion your router needs the firmware hack I mentioned in my first post.

    <http://forum1.netgear.com/showthread.php?t=191&highlight=wake+lan>

    Adrian C

  40. zoara - 24 July 2008

    My old one didn't, so I upgraded; I can't remember why, but I ended up choosing another Netgear. The new one has worked flawlessly from the get-go.

    With nothing to lose, I opened up the old one, reseated the wireless card, and donated it to the outlaws, where it has worked flawlessly ever since.

    Maybe you bought one of the special cheddar editions. Well known for being unreliable.

    -z-

    am forget my password of mac,did you give me
    password on new email marko.[redacted]@yahoo.com

  41. Jaimie Vandenbergh - 24 July 2008

    Not that this is the first time we've all had this conversation, but I'm responsible for 6 continuously working DG834 series boxes with no problems in near four years now.

    I did have a WNR854T go pop, but that was probably because it wasn't oriented in the correct way for the chimney effect to keep the innards cool. Replaced under (three year) warranty with a later version.

    Cheers - Jaimie

    Actually, the Singularity seems rather useful in the entire work avoidance field. "I _could_ write up that report now but if I put it off, I may well become a weakly godlike entity, at which point not only will I be able to type faster but my comments will be more on-target." - James Nicoll

  42. Woody - 24 July 2008

    Going by my own personal experiences, and reviews on the net, I would say you are remarkably lucky.

    Woody

    www.alienrat.com

Welcome to DssW. We make saving energy easy. Our Power Manager software will reduce the running costs of your Macs.

Download
DssW Power Manager 3
for Mac OS X

Back to the top