Hi
I have a Fortigate 60E which has my desktop and a Synology box connected to it.
Both devices are on the same subnet and connected to the hardware switch on the Fortigate.
I have made the necessary changes in Windows, i.e.
Turn off fast startup on windows 10
Power management on the NIC properties in Device Manager - all 3 boxes ticked.
And also in the BIOS
Motherboard - Asus Z170i Pro Gaming board - Enabled PCI/e wake on LAN
I run a script via the task scheduler of my Synology DS918+ which I found on this site
https://www.nextofwindows.com/how-to-wake-up-windows-machine-via-wol-from-synology-nas
When running the task my PC doesn't appear to power on.
What I would like to achieve is: VPN on to my home network from my work machine (which I am able to at the moment), then browse to the Synology DSM and run the task to power on my PC.
Am I missing something? What configurations do I need to make on the Fortigate?
Wake on LAN is a broadcast action. Are there any logs for the broadcast address of the subnet you use at the Fortigate? At what address did you configure the Synology to send wake on LAN packets?
Orestis Nikolaidis
Network Engineer/IT Administrator
I am quite new to Fortigate products so apologies for my lack of knowledge.
How would I check these logs for the broadcast address?
At the moment all devices are on the same subnet 192.168.1.x
My Synology is connected to ports 4 and 5 on the Fortigate.
Port 7 will be a trunk port to my bedroom which connects to a switch, where my desktop connects in to.
In the future I will be breaking this up into different VLANs.
Does this help?
Wake on LAN is an Ethernet broadcast (ff:ff:ff:ff:ff:ff) which means it doesn't leave your broadcast domain. It isn't easily routed either, but there are ways to hack it, UDP-relays etc. Or: https://forum.fortinet.com/tm.aspx?m=145582
The Fortigate will to my knowledge not forward Ethernet broadcasts. You can try to enable the forwarding of non-ARP broadcasts on your interfaces, but I think that only works in transparent mode. In your case, the easiest solution would be to use a standard L2 switch.
Richie
NSE7
I don't know how Synology uses WOL, but in my case, where I have a Windows server and many PCs to wake, I have installed a third-party app which sends the magic packet. In this app I had to configure which was the broadcast address where to send the magic packet.
In my case I have 192.168.1.0/24 which is my servers subnet and 192.168.2.0/24 which is my PCs subnet.
When I want to wake a PC from my server I configured the app to send the magic packet to 192.168.1.255 to port 9. Then I forwarded this address (192.168.1.255) to 192.168.2.255 from port 9 to port 9 (or you can forward all ports).
This worked for me.
WOL and things like this which need to broadcast something are just hell.
For example, in Cisco L3 devices you need to enable ip helper address to do things like WOL.
In Fortigates you have to enable broadcast forward.
config system interface
    edit <external_intf_name>
        set broadcast-forward enable
end
Also take a look at the next two articles
https://kb.fortinet.com/kb/documentLink.do?externalID=FD30104
https://forum.fortinet.com/tm.aspx?m=69328
Orestis Nikolaidis
Network Engineer/IT Administrator
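For checking where the magic packet stops, the following is an added example and not code from any post in this thread or from the linked Synology script: it builds the packet format the replies describe (UDP port 9 to the subnet broadcast address) and recognises it on a listening host in the PC's subnet. The MAC in the usage comment is a constructed sample; the function names are this example's own.

```python
import ipaddress
import socket
import sys

WOL_PORT = 9  # UDP port used in the thread

def parse_mac(mac: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabbccddeeff."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return bytes.fromhex(digits)

def build_magic_packet(mac: str) -> bytes:
    """Six 0xFF bytes followed by the target MAC repeated 16 times."""
    return b"\xff" * 6 + parse_mac(mac) * 16

def find_magic_target(payload: bytes):
    """Return the MAC a received payload would wake, or None.
    The 0xFF sync run may start anywhere in the payload, so scan for it."""
    start = payload.find(b"\xff" * 6)
    while start != -1:
        mac = payload[start + 6:start + 12]
        if len(mac) == 6 and payload[start + 6:start + 102] == mac * 16:
            return mac.hex(":")
        start = payload.find(b"\xff" * 6, start + 1)
    return None

def directed_broadcast(cidr: str) -> str:
    """192.168.2.0/24 -> 192.168.2.255"""
    return str(ipaddress.ip_network(cidr, strict=False).broadcast_address)

def send_wol(mac: str, cidr: str, port: int = WOL_PORT) -> None:
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.sendto(build_magic_packet(mac), (directed_broadcast(cidr), port))

def listen(port: int = WOL_PORT) -> None:
    """Run on an already-awake host in the target subnet (port 9 needs admin/root)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("", port))
        while True:
            data, (src, _) = s.recvfrom(1024)
            print(f"from {src}: wakes {find_magic_target(data) or 'nothing (not WOL)'}")

if __name__ == "__main__":
    # usage: script.py listen | script.py send 00:11:22:33:44:55 192.168.1.0/24
    if len(sys.argv) == 4 and sys.argv[1] == "send":
        send_wol(sys.argv[2], sys.argv[3])
    else:
        listen()
```

If the listener on the PC's segment prints nothing while the sender runs, the packet is being dropped before it reaches that segment rather than ignored by the NIC.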