=========== Wake on LAN =========== In this article, I cover another interesting Defensebolt feature: Defensebolt Wake-on-LAN. As you may know, Wake-on-LAN (WOL) is an Ethernet computer networking standard that allows a computer to be turned on or awakened by a network message. It was introduced in 1997 as a joint project by Intel and IBM. Wake-on-LAN is implemented using a specially designed packet called a magic packet, which is sent to the computer to be woken up. The magic packet contains the MAC address of the destination computer. Powered-downed or turned off computers capable of Wake-on-LAN will contain network devices able to listen to incoming packets in low-power mode while the system is powered down. If a magic packet is received that is directed to the device’s MAC address, the NIC signals the computer’s power supply or motherboard to initiate system wake-up, much in the same way as pressing the power button would do. The magic packet is sent on layer 2 of the OSI model (data link layer) and when sent, is broadcast to all attached devices on a given network, using the network broadcast address; layer 3 (the network layer) is not used. As a result, if you want to use Wake-on-LAN outside your current network, it requires special configuration. Defensebolt Wake-on-LAN provides the capability of either waking a computer from the local network or the Internet. .. image:: ./wakeonlan/image1.png :scale: 100% The Wake on LAN (WOL) page at **Services > Wake on LAN** can wake up computers from a powered-off state by sending special “Magic Packets”. The network interface card in the client computer that is to be woken up must support WOL and it must be configured properly. Typically there is a BIOS setting to enableWOL, and non-integrated adapters often require a WOL cable connected between the NIC and a WOL header on the motherboard. WOL has many potential uses. Typically, workstations and servers are kept running because of services they provide, files or printers they share, or for convenience. Using WOL would allow these to remain in a sleep state to conserve power. When a service is required, the system can be woken up when needed. Another example would be if someone needs remote access to a system, but the user shut it down before leaving the office. Using WOL the target system can be awoken, and it may then be accessed once it has booted. .. Warning:: WOL offers no inherent security. Any system on the same layer 2 network may transmit a WOL packet, and the packet will be accepted and obeyed. It is best to only configure WOL in the BIOS for machines that need it, and disable it in all others. There are a some vendor-specific WOL extensions that provide some extra security, but nothing universally supported. **Wake Up a Single Machine** To wake up a single machine: .. image:: ./wakeonlan/image5.png :scale: 100% - Navigate to **Services > Wake on LAN** - Select the Interface through which the target system can be reached - Enter the target system MAC address in the format of xx:xx:xx:xx:xx:xx - Click **Send** DefenseBolt will transmit a WOL Magic Packet out the chosen interface, and if everything went as planned, the system will power on and start to boot. Keep in mind that systems will take some time to boot. It may be several minutes before the target system is available. **Storing MAC Addresses** To store a MAC address for convenience: .. image:: ./wakeonlan/image4.png :scale: 100% - Navigate to **Services > Wake on LAN** - Click **pluse** Add under the list of stored MAC addresses to add a new entry - Select the **Interface** through which the target system can be reached - Enter the target system **MAC address** in the format of xx:xx:xx:xx:xx:xx - Enter a **Description** for the entry, such as the target system’s name, owner, or location. For example: “Pat’s PC” or “Sue’s Server” - Click **Save** Once saved, the entry will be available on the list at **Services > Wake on LAN.** Maintaining the entries is similar to other tasks in DefenseBolt: Click **edit** to edit an existing entryand click **delete** to remove an entry. **Wake a Single Stored Machine** To send a WOL Magic Packet to a system that has been previously stored: - Navigate to **Services > Wake on LAN** - Locate the desired entry in the list - Click its **MAC address** or click the icon in the Actions column The WOL page will reload, and the Magic Packet will be sent. The status of the WOL attempt will also be displayed. **Wake All Stored Machines** .. image:: ./wakeonlan/image5.png :scale: 100% To send a WOL Magic Packet to all stored systems at once: - Navigate to **Services > Wake on LAN** - Click **power butten** Wake All Devices under the list of stored addresses. **Wake from DHCP Leases View** To send a WOL Magic Packet from the DHCP Leases view: - Navigate to **Status > DHCP Leases** - Locate the desired system in the list - Click **power butten** at the end of the lease row to send a WOL Magic Packet .. Note:: The WOL function is only available for systems marked offline, meaning they are not in the ARP table on the firewall. If a system was very recently powered off, it can take a few minutes for the ARP entry to expire before it will be marked offline. If a system has been powered off for quite some time,see the previous lease. clicking **pluse butten** Show all configured leases might be required to When the link is clicked, the browser will return to the WOL page, and the Magic Packet will be sent. **Save from DHCP Leases View** A MAC address and hostname may be copied to a new WOL mapping entry while viewing the DHCP leases. - Navigate to **Status > DHCP Leases** - Locate the desired system in the list - Click **pluse butten** at the end of lease entry - Confirm the values on the page, and enter any missing information. - Click **Save**