Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AjaySajjan
New Contributor

Help configuring wake on lan

Hi

 

I have a fortigate 60E which has my desktop and a synology box connected to it.

 

Both devices are on the same subnet and connected to the hardware switch on the Fortigate.

 

I have made the necessary changes in windows i.e

Turn off fast startup on windows 10

Power management on the nic properties in device manager - all 3 boxes ticked.

And also in the BIOS

Motherboard - Asus Z170i Pro Gaming board - Enabled PCI/e wake on lan

 

I run a script via the task scheduler of my Synology DS918+  which i found on this site

https://www.nextofwindows.com/how-to-wake-up-windows-machine-via-wol-from-synology-nas

 

When running the task my PC doesn't appear to power on.

 

What I would like to achieve is, VPN on to my home network from my work machine ( which i am able to at the moment) then browse to the Synology DSM and run the task to power on my pc.

 

Am i missing something? What configurations do i need to make on the forigate?

4 REPLIES 4
orani
Contributor II

Wake on lan is a broadcast action, are there any logs for your broadcast address of the subnet you use at the fortigate? At what address did you configure synology to send wake on lan packets???

Orestis Nikolaidis

Network Engineer/IT Administrator

Orestis Nikolaidis Network Engineer/IT Administrator
AjaySajjan

I am quite new to Fortigate products so apologies for my lack of knowledge.

 

How would i check these logs for the broadcast address?

 

At the moment all devices are on the same subnet 192.168.1.x

my synology is connected to ports 4 and 5 on the fortigate

port 7 will be a trunk port to my bedroom which connects to a switch, where my desktop connects in to.

 

In the future i will be breaking this up into different Vlans

 

does this help?

kallbrandt

Wake on LAN is an ethernet broadcast (ff:ff:ff:ff:ff:ff) wich means it doesn't leave your broadcast domain. It isn't easily routed either, but there are ways to hack it, UDP-relays etc. Or: https://forum.fortinet.com/tm.aspx?m=145582

The Fortigate will to my knowledge not forward ethernet broadcasts. You can try to enable the forwarding of non-ARP broadcasts on your interfaces, but I think that only works in transparent mode. In your case, easiest solution would be to use a standard L2 switch.

Richie

NSE7

Richie NSE7
orani

I don't know how synology use WOL, but in my case where i have a windows server and many pc's to wake, i have installed a third party app wich sends the magic packet. In this app i had to configure wich was the bcast address where to send the magic packet.

 

In my case i have 192.168.1.0/24 which is my servers subnet and 192.168.2.0/24 which is my pcs subnet.

When i want to wake a pc from my server i configured the app to send the magic packet to 192.168.1.255 to port 9. Then i forwarded this address (192.168.1.255) to 192.168.2.255 from port 9 to port 9 (or you can forward all ports).

 

This worked for me.

 

WOL and things like this which needs to broadcast something are just hell.

For example in cisco L3 devices you need to enable ip helper address to do things like WOL.

In fortigates you have to enable broadcast forward.

 

config system interface edit <external_intf_name> set broadcast-forward enable end

 

Also take a look at the next two articles

 

https://kb.fortinet.com/kb/documentLink.do?externalID=FD30104

 

https://forum.fortinet.com/tm.aspx?m=69328

 

 

Orestis Nikolaidis

Network Engineer/IT Administrator

Orestis Nikolaidis Network Engineer/IT Administrator
Labels
Top Kudoed Authors