I have a task from my superiors and I can’t figure it out.
We use Remote Desktop Protocol so colleagues can connect to their PCs at the office from anywhere.
The disadvantage is that the PCs cannot power off or sleep. We need to reduce the energy cost, so I have to find a solution for it.
My plan is to use a script: when the RDP connection request is received, a script starts a WOL command, but… I have no idea how to do it. Could somebody help me with this script?
The other method would be a mobile app for WOL over port 9. But something is not working. The magic packet is filtered out or is not compatible with my router (the tool wol … command is working).
Unfortunately, there is no easy way of doing this. MikroTik can do a LOT with firewall rules and scripts, but there is no built-in mechanism to trigger a script based on a firewall rule.
I can think of two workarounds:
Preferred way - I hope (please, don’t disappoint me!) that every employee connecting to the office uses a VPN. If not, implement it ASAP, because using bare RDP over the internet is asking for trouble. The advantages of this approach are that:
The connection is protected.
You can trigger a script on the user’s login! Suddenly, the whole task becomes easy. Once again, you will have to specify a MAC for each user, but that will be easy because you know exactly which person is connecting based on the username. The script is assigned per profile, so you can either:
create a separate profile for each destination PC (and then you can name profiles based on PC names and assign them to each user/secret). Then the script is simple, as you just call WOL with the correct MAC in each profile.
use only one profile (easier to configure) and distinguish individual users by the variable $user, which is passed to the script. Again, you will need a translation table or many if/else to assign each user a corresponding MAC.
Alternative (insecure) way, if you can’t use a VPN and all RDP goes just via port-forwarding - make a mangle rule which will be triggered by your RDP connection, and set the action to “add DST to address list”. Then create a script which will check the list and, based on the IP address, send a WOL to the corresponding computer. You will have to manually specify a MAC for each IP in the script, because at the time when you run the script (and the PC is sleeping) there won’t be any ARP entry. That also means your computers need a static IP (either manually entered or via reservation in the DHCP server), but I assume you would already have that in place, because without a static IP, your port-forwarding won’t work correctly.
This is just a simple mind exercise. I have not implemented any of these methods, but I think it shouldn’t be hard once you know what you want to do. Give it a try. If your implementation fails, get back here with more details on what exactly you tried and what exactly failed. Always try to isolate the problem to the smallest possible denominator (e.g. it is useless to know that “it does not work” when I don’t know if the script did not run at all, or the script ran but WOL did not work, or …)
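The single-profile approach described in the answer above, as an added example that is not part of the original thread: an on-up script body for the PPP profile that maps the VPN username in $user to a MAC address and sends the magic packet. The usernames, MAC addresses and the interface name bridge are constructed placeholders.

```routeros
# Paste as the on-up script of the PPP profile assigned to the VPN users.
# RouterOS passes the login name to on-up scripts in the variable $user.

# Translation table: VPN username -> MAC of that user's office PC.
# (constructed sample values, replace with your own)
:local macByUser {"alice"="AA:BB:CC:DD:EE:01"; "bob"="AA:BB:CC:DD:EE:02"}

# Look up the connecting user; a missing key yields an empty value.
:local mac ($macByUser->$user)

:if ([:len $mac] = 0) do={
    # Unknown user: send nothing, but leave a trace for troubleshooting.
    :log warning "wol: no MAC mapped for VPN user $user"
} else={
    # The magic packet must leave on the LAN interface the PC is attached to.
    # "bridge" is an assumed interface name.
    /tool wol mac=$mac interface=bridge
    :log info "wol: magic packet sent to $mac for VPN user $user"
}
```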
I’ve come to the conclusion that the easiest way to WOL a PC in a remote network is running a small bash script that will connect to the MikroTik by SSH and run a WOL command.
A special user can be used for that: only ssh and test permissions are needed.
But anyway, an SSH port open to the outside network is not a good idea, so I recommend using it only from a VPN.