The following instructions allow you to send a Wake-On-Lan (WOL) "Magic Packet" from the internet to a PC on your LAN behind the Actiontec NAT firewall.
From the PC you want to wake:
- Make sure that the NIC supports WOL.
- Make sure WOL is enabled in the machine BIOS
- Make a note of the IP address or machine name.
- Make a note of the MAC address of the NIC you want to receive the magic packet. e.g. aa:bb:cc:dd:ee:ff
Unfortunately, the Actiontec firmware (as of version 126.96.36.199.188.8.131.52) ages out its ARP cache. This means that when it receives a WOL packet from the WAN, it may have "forgotten" the IP address associated with the MAC address in the WOL packet. The Actiontec also does not allow creating a port forwarding rule to the LAN broadcast address (192.168.1.255). To get around both of these restrictions, we need to create a static ARP entry in the router that associates an unused IP address (192.168.1.254) with the broadcast MAC address (FF:FF:FF:FF:FF:FF).
Telnet to router:
telnet 192.168.1.1If you are unable to connect to the router, do the following:
- Go to Advanced
- Click on Local Administration
- Check Using Primary Telnet Port (23)
At the prompt, enter either (depends on model of router):
Wireless Broadband Router> shell
Wireless Broadband Router> system shell
BusyBox v0.50 (2007.11.14-21:26+0000) Built-in shell (lash)
Enter 'help' for a list of built-in commands.
/ # arp -s 192.168.1.254 FF:FF:FF:FF:FF:FF
Note: This static ARP entry will not survive a reboot of the router.
Now login to the Actiontec and Add WAKE-ON-LAN as a port forward protocol in the Actiontec:
- Click on ADVANCED icon at top
- Select Protocols
- ADD (at bottom of list)
- Service name: Wake-On-LAN
- Add server port
- Protocol: UDP
- Source port: ANY
- Dest port: SINGLE 9
- APPLY. Wake-On-LAN should now appear in the list of protocols.
Add the Port Forward Rule
- Click on FIREWALL icon at top
- Select Port Forwarding on left menu.
- Device: 192.168.1.254
- Protocol: Select Wake-On-LAN
- Forward to port: 9
- APPLY. You should now see Wake-On-LAN for UDP in the list of forwarded ports.
This port forward rule should only be enabled when necessary since it will turn any packet received on port 9 into a broadcast packet on your LAN. Recommendation: If the software you are using supports it, I would suggest using an obscure port number, such as 10009, rather than the well known port 9 (security by obscurity).
You can send a WOL packet from here: »/wakeup
The DSLReports WOL tool only supports port 9.
If you have trouble, a WOL sniffer can be downloaded here: »www.depicus.com/download.aspx?product=wolm
The above site also has a variety of other WOL tools.
Thanks to zerog
for his original post on the subject here: »MI424WR Wake On Lan (WOL) - working hack, needs testingRevised 12/31/08 to replace DHCP reservation with static ARP.
Please use the feedback link below only to suggest improvements to this FAQ. If you have questions about this FAQ, please post them in the »Verizon FiOS forum.
Feedback received on this FAQ entry:
- 100% relevant for my situation - guide said everything I needed to know. Thanks a bunch!
Another method around the ARP cache issue, rather than having to manually create an ARP enter that will not survive a router reboot, is to use an old router or other device that can have its MAC address cloned to all F’s (FF:FF:FF:FF:FF:FF), and set its IP address to 192.168.1.254.
This way when the router receives the WoL packet and sends out an ARP request, this device with all F’s MAC will respond and the router will then forward the WoL packet to 192.168.1.254 via Ethernet address FF:FF:FF:FF:FF:FF (a broadcast), and the WoL targeted machine will receive the broadcast and wake up.
Here is some additional reference material:
Have verified two old routers/gateways this can be done with.
D-Link WBR-1310 Version B1, & LinkSys BEFW11S4 Versions 1, 2, 3, & 3.2
The D-Link WBR-1310 is pretty straight forward:
1. Restore factory default configuration
2. Set the Internet (WAN) connection type to static IP
a. IP Address: 192.168.1.254
b. Subnet Mask: 255.255.255.0
c. ISP Gateway: 192.168.1.x (were x can be your real gateway or something bogus like 252)
d. MAC Address: FF-FF-FF-FF-FF-FF
e. Primary DNS Address: 192.168.1.x (were x can be your real gateway or something bogus like 252)
3. Disable Wireless Network
4. Remote Management on Port 80
5. Disconnect from the LAN port, and connect the WAN port to your network.
6. Configure ISP Router to forward port 9 to 192.168.1.254
7. Configure target computer(s) for Wake-on-LAN
The LinkSys BEFW11S4 requires either a firmware hack or a config file hack, but otherwise the settings are similar to the D-Link WBR-1310.
LinkSys BEFW11S4 Firmware Hack Method:
LinkSys BEFW11S4 Config File Hack Method:
1. Send WoL packet from internet tool such as the Broadband Reports WoL tool on port 9
2. ISP Router sends out an ARP request for 192.168.1.254
3. The modified device (192.168.1.254) responds to the ARP request with it's all F's MAC.
4. Router forwards the WoL Packet to 192.168.1.254 via Ethernet address FF:FF:FF:FF:FF:FF, a broadcast.
5. Machine specified in WoL packet wakes up.
Success!!! No more having to make the manual static ARP entry which does not survive a router restart. :D
2009-06-11 02:48:54 (NOYB )
by More Fiber edited by birdfeedr
last modified: 2010-12-19 19:10:45