Remote WoL

My initial Wake-on-Lan article is currently receiving more attention than any other page on this site. In addition, people seem to be particularly interested in how to send a magic-packet remotely over the internet or across subnet boundaries to enable cold power-up from virtually anywhere in the world.

The Problem Revisited: In my initial article I mentioned that getting the magic-packet with the target MAC address transmitted across subnets is technically impossible as the datagram needs to be sent to the reserved broadcast IP address of the subnet to which the target machine is physically connected to (this has to happen because the target machine does not have an IP registered in its network interface and is thus not directly addressable). A subnet broadcast datagram may only be sent by a machine within that subnet, which rules out any chance of direct remote WoL (i.e. sending the magic-packet from a machine and having it routed over the internet/intranet to the target subnet).

The proposed workarounds I mentioned for this focused on a two-step process: first, remotely connect to an always-on device in the target subnet via VPN/SSH/VNC/HTTPS; and second, execute a command on this device to generate the magic-packet broadcast on the target subnet, thus reaching the powered-off target machine. The solutions I hinted at included custom/hacked router firmware, VPN connections to other machines, or remote connecting to a custom NAS box.

The Easy Solution: I have now found a simple and cheap method for getting remote WoL to work in a private home network. In a nutshell: remote connect to the WebUI of a router in the subnet running Tomato Firmware and simply trigger the magic-packet from the WoL page.

Tomato Firmware is a free open-source firmware package that can be installed on a selected list of compatible routers to replace their proprietary manufacturer software (check their website for supported models). I bought a Linksys WRT54GL for around $60 specifically for this and it works fantastically (see my article on Supercharged Routers for a discussion of additional benefits of Tomato)!

Once you’ve flashed your router with Tomato and gone through the initial configuration (change admin password and enable WiFi security to start with), you’ll need to enable remote admin Web access. Do this by clicking on Administration in the left-column menu, and selecting either HTTP or HTTPS in the Remote Access drop-down box (see screenshot below). I strongly recommend using HTTPS for SSL security, otherwise you’ll expose yourself to sniffers and hackers (make sure to also choose a strong admin password that no-ones likely to ever guess). Make sure to also pick an appropriate port for remote connections. Some ISPs block port 80. Port 443 is standard for HTTPS, but if also blocked, you can use anything really.

Once you have enabled remote access, you should be able to connect to your router by typing in your WAN IP address and port number into a browser from any computer connected to the internet (get your WAN IP address from the Status page in the WAN section). If you don’t want to remember your IP, or your ISP assigns your IP via DHCP, then you can configure the Dynamic DNS (DDNS) service in Tomato via an external service account such as such that you can use a friendly static hostname to always refer to your WAN IP over the internet. I won’t go into detail on how to do this here. Look up appropriate documentation online, there’s plenty out there, and it’s well worth the trouble.

Now that you can connect to your router’s Web interface remotely, all you have to do is click on WOL in the left-column menu, type the target MAC address(es) in the MAC Address List (or copy-paste from the ARP cache above) and click Wake Up! It’s as simple as that! Your router will not generate the appropriate magic-packet/s and broadcast to your subnet. Any attached network interfaces with matching MAC addresses and WoL enabled will detect these packets and trigger the power-on sequence.

Closing Thoughts: This is not the only solution for remote WoL access. I suspect many other open-source firmware packages such as OpenWRT or DD-WRT have similar features. Tomato also has a feature for SSH login and the ability to upload custom scripts to the box. So even if the WebUI WOL feature wasn’t there (or you didn’t want to enable remote access to it) you could still get this to work via other means. The main enabler is being able to remote-connect to your router and your router giving you the freedom to run whatever script you want. Pretty cool, huh!


  1. I will not go into details on how to do this here. Look up appropriate certification on the Internet, there is a lot out there, and it’s well worthwhile.

    remote computer access


Post a Comment

Popular posts from this blog

Wkhtmltopdf font and sizing issues

Import Google Contacts to Nokia PC Suite

Can't delete last blank page from Word