Wake on LAN

In this article, I cover another interesting Defensebolt feature: Defensebolt Wake-on-LAN. As you may know, Wake-on-LAN (WOL) is an Ethernet computer networking standard that allows a computer to be turned on or awakened by a network message. It was introduced in 1997 as a joint project by Intel and IBM. Wake-on-LAN is implemented using a specially designed packet called a magic packet, which is sent to the computer to be woken up. The magic packet contains the MAC address of the destination computer. Powered-downed or turned off computers capable of Wake-on-LAN will contain network devices able to listen to incoming packets in low-power mode while the system is powered down. If a magic packet is received that is directed to the device’s MAC address, the NIC signals the computer’s power supply or motherboard to initiate system wake-up, much in the same way as pressing the power button would do. The magic packet is sent on layer 2 of the OSI model (data link layer) and when sent, is broadcast to all attached devices on a given network, using the network broadcast address; layer 3 (the network layer) is not used. As a result, if you want to use Wake-on-LAN outside your current network, it requires special configuration. Defensebolt Wake-on-LAN provides the capability of either waking a computer from the local network or the Internet.

../_images/image149.png

The Wake on LAN (WOL) page at Services > Wake on LAN can wake up computers from a powered-off state by sending special “Magic Packets”. The network interface card in the client computer that is to be woken up must support WOL and it must be configured properly. Typically there is a BIOS setting to enableWOL, and non-integrated adapters often require a WOL cable connected between the NIC and a WOL header on the motherboard.

WOL has many potential uses. Typically, workstations and servers are kept running because of services they provide, files or printers they share, or for convenience. Using WOL would allow these to remain in a sleep state to conserve power. When a service is required, the system can be woken up when needed. Another example would be if someone needs remote access to a system, but the user shut it down before leaving the office. Using WOL the target system can be awoken, and it may then be accessed once it has booted.

Warning

WOL offers no inherent security. Any system on the same layer 2 network may transmit a WOL packet, and the packet will be accepted and obeyed. It is best to only configure WOL in the BIOS for machines that need it, and disable it in all others. There are a some vendor-specific WOL extensions that provide some extra security, but nothing universally supported.

Wake Up a Single Machine

To wake up a single machine:

../_images/image519.png
  • Navigate to Services > Wake on LAN
  • Select the Interface through which the target system can be reached
  • Enter the target system MAC address in the format of xx:xx:xx:xx:xx:xx
  • Click Send

DefenseBolt will transmit a WOL Magic Packet out the chosen interface, and if everything went as planned, the system will power on and start to boot. Keep in mind that systems will take some time to boot. It may be several minutes before the target system is available.

Storing MAC Addresses

To store a MAC address for convenience:

../_images/image415.png
  • Navigate to Services > Wake on LAN
  • Click pluse Add under the list of stored MAC addresses to add a new entry
  • Select the Interface through which the target system can be reached
  • Enter the target system MAC address in the format of xx:xx:xx:xx:xx:xx
  • Enter a Description for the entry, such as the target system’s name, owner, or location. For example: “Pat’s PC” or “Sue’s Server”
  • Click Save

Once saved, the entry will be available on the list at Services > Wake on LAN.

Maintaining the entries is similar to other tasks in DefenseBolt: Click edit to edit an existing entryand click delete to remove an entry.

Wake a Single Stored Machine

To send a WOL Magic Packet to a system that has been previously stored:

  • Navigate to Services > Wake on LAN
  • Locate the desired entry in the list
  • Click its MAC address or click the icon in the Actions column The WOL page will reload, and the Magic Packet will be sent. The status of the WOL attempt will also be displayed.

Wake All Stored Machines

../_images/image519.png

To send a WOL Magic Packet to all stored systems at once:

  • Navigate to Services > Wake on LAN
  • Click power butten Wake All Devices under the list of stored addresses.

Wake from DHCP Leases View

To send a WOL Magic Packet from the DHCP Leases view:

  • Navigate to Status > DHCP Leases
  • Locate the desired system in the list
  • Click power butten at the end of the lease row to send a WOL Magic Packet

Note

The WOL function is only available for systems marked offline, meaning they are not in the ARP table on the firewall. If a system was very recently powered off, it can take a few minutes for the ARP entry to expire before it will be marked offline. If a system has been powered off for quite some time,see the previous lease. clicking pluse butten Show all configured leases might be required to

When the link is clicked, the browser will return to the WOL page, and the Magic Packet will be sent.

Save from DHCP Leases View

A MAC address and hostname may be copied to a new WOL mapping entry while viewing the DHCP leases.

  • Navigate to Status > DHCP Leases
  • Locate the desired system in the list
  • Click pluse butten at the end of lease entry
  • Confirm the values on the page, and enter any missing information.
  • Click Save