I am working on an SCCM project that requires powering on computers in the middle of the night to run updates. SCCM can send the WoL packets, but I am struggling to figure out how to pass this across routers. Our core router is a Dell PowerConnect 6248.
I see from the docs that the 62xx switches support forwarding directed broadcast, which seems like a good start. However, having this on globally (which seems to be the only option) exposes us to some attacks. Would the best way of setting this up also include setting up ACLs on the egress interface to only allow UDP port N traffic from host IP to leave the interface? Is there another way of achieving this?
NB - I already looked into IP helper, but this only passes broadcasts from a subnet to a specific IP address, wheras WoL is the other way around.
Example:
We want to pass WoL traffic between 10.0.0.0/24 and 10.0.1.0/24, which are separated only by a router.
So the computer sending the WoL packet is 10.0.0.1, router is 10.0.0.254 and target could be any computer in 10.0.1.0/24 (specified in each WoL packet).
