Cedar0Guitar


Wake on LAN (Magic Packets) to subnets

Hi Experts

To get SCCM working to remote subnets, I need to set up my Cisco 6500 to forward Magic Packets to other remote subnets for the purpose of Wake on LAN. I was hoping for some advice.

SCCM server is sitting on the 10.1.0.0 subnet.
Remote computers are sitting on subnets 10.20.0.0 & 10.30.0.0 etc. that are connected via VPN IPsec tunnels.

What commands do I have to issue to the router to forward these WOL packets to the appropriate subnets?

ip forward-protocol udp 9 ?
ASKER CERTIFIED SOLUTION
lanboyo

lanboyo

Did this help?
Cedar0Guitar

ASKER

A little more research. Cisco TAC tells me that this is not possible with out IPSEC Tunnels. Any thoughts on this?
A little more research. Cisco TAC tells me that this is not possible with our IPSEC Tunnels. Any thoughts on this? ......corrected grammar..
Most likely they know better than me. Hmmn. Is it observed not to work? I can imagine a possible code issue with the IPsec interesting traffic not encapsulating the frame. The IPsec is not an interface per se; if the IPsec encapsulation code does not permit directed broadcast, then it does not.

For some really half-assed solutions:

- Put in GRE tunnels to the sites, and enable directed broadcasts on them. You lose 32 bits a packet to the GRE, but you can run OSPF.

- Statically map ARPs to interface addresses, and put static MAC entries in the switches at the remote sites. Direct the magic packet to individual IP addresses. This would be an operational NIGHTMARE.

- Set the ARP timeout and MAC address timeout on the remote router/switch to ridiculously high numbers at the remote site. Direct the magic packet to individual IP addresses. This could cause some broadcast storms if a switch interface drops: the ARP is active so the traffic gets sent, but the MAC address is gone since the port is down, and the traffic gets sent to every port on the network.

Hey.... This is an idea. I claim patent protection on it now. Pick an unused IP address on the remote network, put a static ARP entry for it in the remote router with a MAC of either an Ethernet interface on a machine you know will never be on site, or the actual Ethernet broadcast MAC address. Send the magic packet to that IP address.


If you feel like experimenting, let me know the make and model of the remote equipment, and I can give you some things to try. Also, can you choose a unicast IP address for the destination of the magic packet?


I'm giving up on IPSEC Tunnel (for now), but you are right about the "ip directed-broadcast" command. Thank you!
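
Added example, not part of the original thread: a Python sketch of the magic packet and the subnet-directed broadcast discussed above, plus a checker for confirming from a capture taken at the remote site that the packet actually arrived. The MAC address and the /16 prefix length are constructed assumptions; UDP port 9 is taken from the question.

```python
import ipaddress
import socket

WOL_PORT = 9  # UDP port from the question ("udp 9")

def parse_mac(mac: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff (Cisco style)."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)

def magic_packet(mac: str) -> bytes:
    """6 bytes of 0xFF followed by the target MAC repeated 16 times (102 bytes)."""
    return b"\xff" * 6 + parse_mac(mac) * 16

def directed_broadcast(subnet: str) -> str:
    """Subnet-directed broadcast address, e.g. 10.20.0.0/16 -> 10.20.255.255."""
    return str(ipaddress.ip_network(subnet, strict=True).broadcast_address)

def magic_packet_target(payload: bytes):
    """Return the MAC a payload would wake, or None if it is not a magic packet.

    The sync stream may sit anywhere in the payload, so scan for it. Useful for
    checking a capture taken on the remote subnet.
    """
    start = payload.find(b"\xff" * 6)
    while start != -1:
        body = payload[start + 6:start + 102]
        if len(body) == 96 and body == body[:6] * 16:
            return body[:6].hex(":")
        start = payload.find(b"\xff" * 6, start + 1)
    return None

def send_wol(mac: str, subnet: str, port: int = WOL_PORT) -> str:
    """Send one magic packet to the subnet's directed broadcast address."""
    dest = directed_broadcast(subnet)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.sendto(magic_packet(mac), (dest, port))
    return dest

if __name__ == "__main__":
    # Constructed sample values: the MAC and the /16 prefix length are assumptions.
    print(send_wol("00:11:22:33:44:55", "10.20.0.0/16"))
```

On the router side, `ip directed-broadcast` accepts an access list, so forwarding of these broadcasts can be limited to traffic sourced from the SCCM server rather than opened to any sender.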