5268AC Router Wake On Lan (WOL)

See if this forum entry helps: Wake on LAN

@ApexRon,

Thank you, I did review that posting well before i added this post.

That post you referred to goes back to Dec 2015 and there has been no new firmware or annoucments about the AT&T router(s) correcting this issue.

I fear the only thing i can do is purchace another router that supports static arp entries, put the AT&T router in bridge mode and do all firewall and port forwarding on that router.

There is so much misinformation about WOL, and the issue has been raised so many times over several years.  It's clear to me AT&T has no interest in helping members who would like the abiltiy to access thier computer while traveling without haveing to leave the computer running 24/7.

Wake on LAN is not intended to be a routable protocol, hasn't any authentication, and has the issues that you describe when you attempt to use it from the Internet.  I would not expect any changes in the AT&T Gateways to try to provide your desired functionality.  You might find what you're looking for in a third party router, however.

@JefferMC

Thank you, and while I agree about the inital usage of WOL in October 1996 by Intel & IBM.  Since then it has evolved into a much wider RFC based protocal and usage including Remote Wake-Up, Power on by LAN, Resume by LAN, Resume on LAN, Wake Up on LAN and Apple Bonjour wake-on-deman (Sleep Proxy).

There is way too much incorrect information given about WOL and there has been improvements such Data Securty (see below).

Remote wake-up is possible from another network using subnet directed broadcasts (see below) or a WOL gateway service.

While no one can force AT&T to adopt any specifc usage, they could, if they choose to, add the ability to enter static arps.  This is covered in part in RFC 7342 and is well  accepted pratice by many other router vedors.

Subnet directed broadcasts:

A principal limitation of standard broadcast wake-on-LAN is that broadcast packets are generally not routed. This prevents the technique being used in larger networks or over the Internet. Subnet directed broadcasts (SDB) may be used to overcome this limitation. SDB may require changes to intermediate router configuration. Subnet directed broadcasts are treated as normal network packets until processed by the final (local) router. This router converts the packet into a true broadcast packet. This technique allows a broadcast to be initiated on a remote network but requires all intervening routers to forward the SDB. When preparing a network to forward SDB packets, care must be taken to filter packets so that only desired (e.g. WoL) SDB packets are permitted — otherwise the network may become a participant in DDoS attacks such as the Smurf Attack.

Data privacy:

Some PCs include technology built into the chipset to improve security for Wake-on-LAN. For example, Intel AMT (a component of Intel vPro technology), includes Transport Layer Security (TLS), an industry-standard protocol that strengthens encryption.

AMT uses TLS encryption to secure an out-of-band communication tunnel to an AMT-based PC for remote management commands such as Wake-on-LAN. AMT secures the communication tunnel with Advanced Encryption Standard (AES) 128-bit encryption and RSA keys with modulus lengths of 2,048 bits. Because the encrypted communication is out-of-band, the PC’s hardware and firmware receive the magic packet before network traffic reaches the software stack for the operating system (OS). Since the encrypted communication occurs “below” the OS level, it is less vulnerable to attacks by viruses, worms, and other threats that typically target the OS level.

IT shops using Wake-on-LAN through the Intel AMT implementation can wake an AMT PC over network environments that require TLS-based security, such as IEEE 802.1x, Cisco Self Defending Network (SDN), and Microsoft Network Access Protection (NAP) environments. The Intel implementation also works for wireless networks.

AT&T Gateways don't support UPnP, for which there is a much larger audience.  I wouldn't hold my breath.