09-13-2017 02:09 AM - edited 02-21-2020 06:17 AM
Hi
We are trying to allow UDP broadcast 9 packets via the firewall. Basically, WOL packets need to be sent from one network segment to another. And we are also aware:
"In routed firewall mode, broadcast and multicast traffic is blocked even if you allow it in an access rule, including unsupported dynamic routing protocols and DHCP. You must configure the dynamic routing protocols or DHCP relay to allow this traffic."
We tried following a blog which mentioned tricking the ASA to capture the broadcast packet, and NAT this as a unicast to the broadcast address of the destination address.
https://**bleep**.technology/forwarding-wake-on-lan-using-a-cisco-asa
The above didn't work for us; maybe we did it wrong.
Has anybody come across the above scenario, and managed to trick the ASA to send broadcast packets?
09-13-2017 06:46 AM
Hello,
WOL uses UDP ports 9 and 7. You mention below 9 packets, maybe a typo, but just to make sure we are on the same page here.
I'd say this should pass through the ASA.
09-13-2017 09:20 AM
09-13-2017 09:25 AM
Which version do you have?
09-13-2017 09:32 AM
09-13-2017 11:56 AM
Actually, this part is on switch side. Only the access-list is on firewall side.
09-14-2017 12:44 AM
09-14-2017 01:59 AM - edited 09-14-2017 02:09 AM
Alright,
One thing you can try is packet inspection. Firewalls usually don't like UDP because it has no connection.
I don't know if WOL exists in the inspection list.
policy-map global_policy
 class inspection_default
  inspect "wol"???
Try this and let me know.
09-13-2017 02:06 PM