WOL office machine through l2tp vpn and broadcast in the office subnet
Options
Freshman Member
I try to wake up some machines in the office by wol. L2TP works but udp packages sent to the office-subnet-broadcast never arrive.
What do I have to open to be able to send broadcast packeges to the office subnet.
L2TP has ip like 10.0.13.x
Office Subnet has 192.168.123.x
What do I have to open to be able to send broadcast packeges to the office subnet.
L2TP has ip like 10.0.13.x
Office Subnet has 192.168.123.x
0
Best Answers
-
WebWorks said:
This means a security rule from IPSEC_VPN TO ZyWall, VPN-Range TO Lan1Subnet, Any_UDP Allow should solve the problem?valerio_vanni said:Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".Security rules aren't an issue, here. Nothing is rejectred: you could set allow from everywhere to everywhere, and you'd get same result.The issue is that a broadcast packet is not broadcasted but is taken by Zywall itself, like a little fish going into a whale's mouth.Perhaps you should try with a policy route with option "overwrite direct route", but I'm not confident it will work, people from Zyxel are saying that remote broadcast is something unsupported.You should set up a WOL proxy: a machine on remote network that gets a normal (I mean unicast) package and then broadcasts on LAN.0 -
Thanks for the long and complete answer. I figured about the same.valerio_vanni said:WebWorks said:
This means a security rule from IPSEC_VPN TO ZyWall, VPN-Range TO Lan1Subnet, Any_UDP Allow should solve the problem?valerio_vanni said:Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".Security rules aren't an issue, here. Nothing is rejectred: you could set allow from everywhere to everywhere, and you'd get same result.The issue is that a broadcast packet is not broadcasted but is taken by Zywall itself, like a little fish going into a whale's mouth.Perhaps you should try with a policy route with option "overwrite direct route", but I'm not confident it will work, people from Zyxel are saying that remote broadcast is something unsupported.You should set up a WOL proxy: a machine on remote network that gets a normal (I mean unicast) package and then broadcasts on LAN.
Now I solved the problem with a internal website, based on iis and a wol asp net script.
Runs like a charm and avoids all the problems.1
Master Member
All Replies
-
Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".0
-
Unfortunately... a relay. Even a RaspBerry Pi, but outside the phisical layer, most of the WOL packets are not routable. (there are some exceptions, but the "rule of thumb" i wrote up here quite matches most of the cases)WebWorks said:What do I have to open to be able to send broadcast packages to the office subnet.
0 -
This means a security rule from IPSEC_VPN TO ZyWall, VPN-Range TO Lan1Subnet, Any_UDP Allow should solve the problem?valerio_vanni said:Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".0 -
-
WebWorks said:
This means a security rule from IPSEC_VPN TO ZyWall, VPN-Range TO Lan1Subnet, Any_UDP Allow should solve the problem?valerio_vanni said:Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".Security rules aren't an issue, here. Nothing is rejectred: you could set allow from everywhere to everywhere, and you'd get same result.The issue is that a broadcast packet is not broadcasted but is taken by Zywall itself, like a little fish going into a whale's mouth.Perhaps you should try with a policy route with option "overwrite direct route", but I'm not confident it will work, people from Zyxel are saying that remote broadcast is something unsupported.You should set up a WOL proxy: a machine on remote network that gets a normal (I mean unicast) package and then broadcasts on LAN.0 -
Thanks for the long and complete answer. I figured about the same.valerio_vanni said:WebWorks said:
This means a security rule from IPSEC_VPN TO ZyWall, VPN-Range TO Lan1Subnet, Any_UDP Allow should solve the problem?valerio_vanni said:Zyxel devices don't support broadcasts directed to remote subnet.They are catched from receiver firewall and considered "_to_Zywall" instead of "_to_LAN/DMZ/etc".Security rules aren't an issue, here. Nothing is rejectred: you could set allow from everywhere to everywhere, and you'd get same result.The issue is that a broadcast packet is not broadcasted but is taken by Zywall itself, like a little fish going into a whale's mouth.Perhaps you should try with a policy route with option "overwrite direct route", but I'm not confident it will work, people from Zyxel are saying that remote broadcast is something unsupported.You should set up a WOL proxy: a machine on remote network that gets a normal (I mean unicast) package and then broadcasts on LAN.
Now I solved the problem with a internal website, based on iis and a wol asp net script.
Runs like a charm and avoids all the problems.1
Guru Member
Zyxel Employee
Categories
- All Categories
- 438 Beta Program
- 2.7K Nebula
- 188 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 455 USG FLEX H Series
- 303 Security Ideas
- 1.6K Switch
- 81 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 279 Service & License
- 436 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 91 Security Highlight
