Something that has been very useful to me is waking up my download server whilst at work via the Internet. I won’t go into detail about how Wake-on-LAN (WoL) works, but it’s basically a packet that can ‘wake’ a PC out of standby mode. There are many reasons why you might want to do this such as avoiding having a server running 24/7, or maybe to start downloading at specific times to avoid ISP caps etc. This is a quick tutorial of how to configure your Cisco Router to allow WoL packets through the router and propagate on the inside network as a broadcast to make them effective.
At this point, I will assume you have set up and tested WoL on your PC at your local network. There are plenty of free tools to do this (see the links below).
1. You will need to allow IP directed broadcasts on the interface facing the PC you intend to wake. By default, this is disabled on Cisco routers to prevent Denial of Service attacks (e.g. the Smurf attack).
Router>enable
Router#configure terminal
Router(config)#interface vlan 1
Router(config-if)#ip directed-broadcast
2. Because the WoL packet needs to be a broadcast, you will need to create a NAT rule that will forward the packet to the broadcast address of your inside network. For example, if your PC is on the 192.168.1.0/24 network, the NAT rule will need to forward the packet to 192.168.1.255. The protocol is UDP and the port can be any of your choosing.
Router(config)#ip nat inside source static udp 192.168.1.255 55555 interface Dialer0 55555
3. The final change is to allow the access through the IOS Firewall. The port will depend on the one you chose in step 2. You can also restrict the source if you wish, depending on which method you chose to send the packet.
Router(config)#ip access-list extended outside_access_in
Router(config-ext-nacl)#10 permit udp any any eq 55555 log
Router(config-ext-nacl)#90 deny ip any any log
Router(config-ext-nacl)#interface Dialer0
Router(config-if)#ip access-group outside_access_in in
4. All done! You can test it works using a tool capable of sending WoL packets over the Internet. You can even use one of the online tools which can send the packets from a web page.
Entries (RSS)
June 22nd, 2007 at 1:23 pm
I use this too, very useful for avoiding the wrath of Virgin Media and their 4-12 capping.
I usually use this in combination with the Cisco VPN Client so that I can RDP onto my box securely.
July 20th, 2008 at 4:19 pm
Hi ,does this also work when my Internet connection (cablemodem) is connected to a fastethernet port since you’re using a dialer interface in the example.
July 20th, 2008 at 5:15 pm
hi,
Yes it will but you will have to customize it for your interfaces.