Prerequisites of Wake-on-LAN
The following requirements should be met for the Wake-on-LAN operation to succeed:
- The Machines must be configured to respond to wake-up packets received by the network adapter and in the Machine's BIOS. See the Configuring Machines' hardware for Wake-on-LAN for details on the network adapter and BIOS configuration.
- The network adapters must support the standard Magic Packet format. See the Configuring remote Machines' Network Adapter for details on the network adapter configuration.
- Older motherboards must have a WAKEUP-LINK header onboard connected to the network adapter via a special 3-pin cable; however, systems supporting the PCI 2.2 standard and having a PCI 2.2 compliant network adapter do not usually require a Wake-on-LAN cable as the required standby power is relayed through a PCI bus. PCI version 2.2 supports PME (Power Management Events). PCI adapters send and receive PME signals via a PCI socket directly, without the need for a Wake-on-LAN cable.
- The Machines should use an ATX power supply meeting the ATX 2.01 specifications.
- The target Machine must be in the Shut Down state. That means that the AC adapter should not be turned off after the last Shut Down. For example, if the machine was switched off due to a power outage, WOL will not work. If you want to wake the Machines up from Sleep or Hibernate, you must make some additional network adapter settings. See the Configuring remote Machines' Network Adapter for details.
Prerequisites of Wake-on-LAN across different subnets (or VLANs)
You may wake up remote Machines from different subnets using Remote Shutdown with the help of each of the transmission methods (Directed Broadcast and Unicast), provided a specific set of requirements is met for at least one of the methods.
Directed Broadcast transmission method prerequisites
All routers/gateways/switches between the Remote Shutdown site server and the target Machines must allow Directed Broadcasts and must support the IPv4 protocol. This ensures that the WOL packets are not blocked.
Allowing any type of Directed Broadcast on routers/gateways/switches makes the network vulnerable to "smurf" attacks though the Internet. In a "smurf" attack, the attacker sends ICMP echo requests from a falsified source address to a directed broadcast address causing all the hosts in the target subnet to send replies to the falsified source. By sending a continuous stream of such requests, the attacker can create a much larger stream of replies, which can completely inundate the host whose address is being falsified.
To protect your network from "smurf" attacks, you may allow only certain types of Directed Broadcasts to go throw the routers/gateways/switches (i.e. configure the access list). In case with Remote Shutdown Wake-on-LAN packets, you should only allow receiving UDP packets from the machine running Remote Shutdown through the port specified on the WOL Configuration preference page. The access list should be configured on all routers/gateways/switches along the Wake-on-LAN packet path.
For detailed information on configuring the access list on routers/gateways/switches, refer to the user manual provided by the hardware manufacturer.
To wake up a Machine over the Internet, an appropriate port needs to be forwarded from the WAN side to the LAN side of the router. Since a Machine that is not turned on doesn't have an IP address, the packet sent to wake the Machine needs to be forwarded to all Machines on the LAN side of the router in order to ensure it gets to the Machine it is intended for. The protocol that needs to be forwarded is UDP; it is not necessary to forward the TCP protocol. The IP address the packet needs to be forwarded to changes depending on the network mask you are using on your LAN. The default network mask is 255.255.255.0. If you are using this mask, you should forward traffic destined to your WOL port to xxx.xxx.xxx.255. If you are using the default settings of the router, this address would probably be 192.168.1.255. 255 in the address using the default network mask signifies that the router should forward any information sent to the indicated port to all computers on the LAN side. If you are using the default router settings with Remote Shutdown, simply forward all UDP traffic to the port specified on the WOL Configuration preference page to 192.168.1.255. If there is an option of specifying external and internal ports, the same port number should be used for both external and internal ports.
Unicast transmission method prerequisites
For a Wake-on-LAN operation with the help of the Unicast transmission method to succeed, the routers should have a sufficient APR (Address Resolution Protocol) cache life time, or the IP addresses of the Machines you want to wake up should be defined as static entries in the ARP cache. If they are defined as static they will never be removed from the cache. As long as the target Machine's IP address is available in the router's ARP cache, Wake-on-LAN packets are delivered successfully and the Machine can be woken up. If the IP address entry is removed from the ARP cache, it is no longer possible to deliver Wake-on-LAN packets to the target Machine using the Unicast transmission method.
Please be aware that a significant increase of the ARP cache may cause unexpected errors in the network.