Airport Time Capsule port forward magic packet (Wake-on-LAN)

airport, network

I have an Airport Time Capsule connected to my internet service provider and a Linux server wired to one of the LAN ports on my airport. I want to be able to use the Wake-on-LAN feature to wake my Linux box from sleep/suspend from anywhere — not just from my local network.

First approach that partially works

I've gone into Airport Utility and set up a stable IP based on the MAC address of my Linux box's Ethernet controller. I then set up port forwarding for magic packets on public UDP port 29999 to private port 9 and the 10.0.1.x address I assigned to my Linux box.

This works from both outside and inside my network, but only for about 15 minutes after the Linux box sleeps. After that I guess the Airport loses track of it and doesn't know where to route the packet.

Second approach that seems like it would work

If I forward the magic packet to the broadcast IP for my network, 10.0.1.255, then the box does wake even after a long time has passed…at least that works from my local network where I can tell the wake program on my Mac or WOL app on my phone which address to send the packet to.

But I can't test it from outside my network because the Airport Utility won't let me forward to .255.

Fix for this

I found several posts (which I can't find again today) that say that if you can't forward to the broadcast IP at 10.1.0.255, you should set the subnet mask to 255.255.255.128 and then forward to 10.1.0.127, but Airport Utility doesn't have anywhere to set the subnet mask.

I found another post yesterday (which I can't find today) which suggested exporting the Airport Utility configuration file and editing the subnet mask in there and reuploading. I did that, but it didn't work.

TL;DR

I need to port forward a Wake-on-LAN magic packet from the Internet, through my Airport Time Capsule to the broadcast IP of my private local network.

The broadcast address is 10.0.1.255, but Wake-on-LAN won't let me enter 255.

How can I wake my Linux box from the Internet? Is there a way to send the packet to the broadcast IP? Is there some other solution than changing the subnet mask?
Is there some other solution that I should be thinking about?

Best Answer

The configurability of the Apple routers is (for some advanced use cases like the one you describe) perhaps a bit lacking. I hope someone else can provide a definitive answer as to whether it will be possible to actually broadcast that WOL packet using only the router!

I propose to you an alternative that is slightly more complex (and therefore not ideal), but to me feels like a robust approach that will work in all home network environments, so that you can avoid relying on any advanced capabilities of the network hardware.

The idea would be to set up a machine on the LAN (such as a $5 Raspberry Pi whose power draw will likely be comparable to that of your Linux server in S3 suspend) that is always running and which you may access remotely. How this is done is entirely up to you: you may connect it via WiFi or Ethernet, with static or DHCP addressing. This is what I mean by flexibility. You may have to do specific configuration to deal with the NAT traversal and security aspects. As it applies to your situation (similarly to you, I have an Apple router as well), you'd probably just assign this machine's MAC to a static IP and forward the ports needed for remote access, such as port 22 for SSH, port 3389 for Windows RDP, port 5900 for VNC, and that's about it. It's hard to beat something like using SSH with a private key for passwordless secure access.

The other piece that will be relevant is that if you have residential service from your ISP, your router's IP will be dynamic, and a service should be set up to periodically check that this address has not changed. I implement this myself using a cron job and a Python script that sends emails to me, but you can readily find tools to handle that job. Indeed, this aspect of residential internet service is hard to address without a programmable client machine, although I'd imagine that highly configurable routers might offer equivalent functionality.

Once you set things up to allow you to reliably and securely access your machine from the wider internet, you can now use that to broadcast the WOL packet on the LAN, at which point you may connect to the woken-up host via the usual means (which may also require configuration).

I just like this approach because it's so powerful and you can administer many more aspects of your home remotely once you have this kind of setup.

I have more than enough Raspberry Pis, but I already have desktops (which happen to run Windows) that I keep running 24/7 at home, so when I need to send a WOL to my MacBook (if it's at home, it will be sleeping) I can just use any of those machines to do the job since they're going to be up all the time.

But if you have a small and low-power machine you can just set it and forget it on the network and it will just always be there for you; that peace of mind is really great.
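
The LAN-side broadcast step this answer describes, as an added example that is not part of the original answer: a script to run on the always-on machine (for instance over the SSH session) that builds the magic packet and sends it to the subnet's broadcast address. The MAC address and the 10.0.1.20 host address are constructed placeholders; `broadcast_address` also shows why a 255.255.255.128 mask moves the broadcast address to .127, as discussed in the question.

```python
import ipaddress
import re
import socket

WOL_PORT = 9  # private UDP port used in the question's port-forward rule


def parse_mac(mac: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-..., or aabbccddeeff; return 6 raw bytes."""
    digits = re.sub(r"[:\-.]", "", mac.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)


def magic_packet(mac: str) -> bytes:
    """Magic packet payload: 6 bytes of 0xFF, then the target MAC repeated 16 times."""
    return b"\xff" * 6 + parse_mac(mac) * 16


def broadcast_address(host_ip: str, netmask: str) -> str:
    """Broadcast address of the subnet that host_ip/netmask belongs to."""
    net = ipaddress.ip_network(f"{host_ip}/{netmask}", strict=False)
    return str(net.broadcast_address)


def wake(mac: str, host_ip: str, netmask: str = "255.255.255.0"):
    """Broadcast the magic packet on the local subnet; returns (destination, bytes sent)."""
    dest = broadcast_address(host_ip, netmask)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        # Without SO_BROADCAST the kernel refuses to send to a broadcast address.
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        sent = s.sendto(magic_packet(mac), (dest, WOL_PORT))
    return dest, sent


if __name__ == "__main__":
    # Constructed sample values: placeholder MAC and an assumed 10.0.1.x address.
    print(wake("00:11:22:33:44:55", "10.0.1.20"))
```

Because the magic packet carries no authentication, this keeps the only Internet-facing service as the key-authenticated SSH login; the UDP forward on the router is then not needed.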