basildane / WakeOnLAN

Wake On LAN, WakeOnLAN, shutdown software for Windows. A powerful WOL, ping, shutdown, GUI application.
http://wol.aquilatech.com
Other
991 stars 146 forks source link

WOL Agent Service on Windows 10 problem #90

Open forseyra opened 6 years ago

forseyra commented 6 years ago

I have installed the WOL Agent service on a Windows 10 tablet in a remote LAN.

The router is configured to forward port 9 to the Windows 10 tablet. Wireshark network traces on the Windows 10 tablet show the packet being received on port 9 from the gateway OK. There is no corresponding broadcast packet being sent to the LAN by WOL Agent service.

NETSTAT -ab shows that the WOLAgent.exe is listening on port 9.

UDP 0.0.0.0:9 : [WOLAgent.exe]

I tried running the WOL Agent service using the built-in Network Service account, as this account has network access rights. This change did not fix the problem.

The WOL Agent service installation program uses the local system account. This gives the WOL agent service excessive security rights.

basildane commented 6 years ago

I've never encountered this problem. The agent will only forward valid WOL packets. Are the packets coming from the WOL program?

There is no event logging in Agent, but I can add it if we need to.

Does your tablet have multiple networks? Maybe it is bound to the wrong interface?

basildane commented 6 years ago

This could be the local firewall on the Agent computer. Just for a test, disable the firewall. If that works, then we will fix the firewall rules.

forseyra commented 6 years ago

OK, I have set up a local test bed and reproduced the problem on a Windows 10 desktop with an Ethernet network connection. So the tablet being on WiFi is not the problem. I was at the stage of checking the firewall settings. Will do further testing Sunday.


forseyra commented 6 years ago

Basildane

  1. I disabled the firewall on a Windows 10 Pro desktop that was running WOL Agent service.

     Wireshark showed that it was receiving a Magic Packet on port 9 from the router/gateway and broadcasting it on the local LAN.

     So one problem is with the Windows 10 firewall settings.

  2. Disabling the Windows 10 Firewall did not fix the problem on two Windows 10 Tablets. They only have a WiFi network interface – Ethernet LAN connection.
  3. The WOL Agent service should generate a log file. This would be very useful when you are debugging the service at a remote location.
  4. I use duckdns.org to obtain the current IP address of the remote site. This runs on the same Windows Tablet as the WOL Agent service.
  5. You should apply the principle of least privilege and not run the WOLAgent service under the highly privileged Local System account. As it only needs to listen on port 9 and broadcast on the LAN, it could run as NETWORK SERVICE or better still, a dedicated service account. Worst case for you is if one of the bad guys replaces your agent service code on one of the distributions with some very bad penetration code.

Roger


basildane commented 6 years ago

I have the installer now running the service as NETWORK SERVICE. I am working on the automatic firewall rules, partially working now.

basildane commented 6 years ago

Release 1.2.0: https://github.com/basildane/WOLAgent/releases/tag/v1.2.0

forseyra commented 6 years ago

Basildane, I have tested WOLAgent service v1.2.0 on a Windows 10 Pro version 1709 desktop and a tablet running Windows Home version 1607. The tablet is using a WiFi connection.

Testing was by using the external IP address of my network. Wireshark showed the UDP Magic packet being received from the router external address and being broadcast on the internal LAN. Works OK on both platforms.

I had a look at the new Windows Firewall rule for the Aquila WOL Agent and recommend that you set the profile in Advanced settings so that the rule only applies to Domains and Private networks, i.e. removing it from Public networks.

I also installed WOL Agent service version 1.2.0 on the Aldi Tablet running Windows 10 Home version 1511 in the remote site. The tablet is on WiFi.

Wireshark showed the Magic packet being received by the tablet, but no corresponding broadcast Magic Packet from the WOL Agent service.

So the next step would be a version with logging so you can see what’s happening on the Tablet.

Roger

PS Happy New Year
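
The two hardening points raised in this thread, the service logon account and the firewall rule's network profile, can be checked on an agent machine with the PowerShell below. This is an added example, not part of the original thread or the project's code. Matching on `WOLAgent.exe` comes from the netstat output above; the `*WOL Agent*` display-name pattern and the `$ApplyFix` switch are assumptions made for illustration.

```powershell
# Added example: audit the WOL Agent service account and firewall rule scope.
# Assumptions: the service binary path contains WOLAgent.exe and the firewall
# rule's display name contains "WOL Agent". Run from an elevated prompt.
$ErrorActionPreference = 'Stop'
$ApplyFix = $false   # set to $true to restrict matching rules to Domain,Private

# 1. Which account does the agent service log on as?
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -like '*WOLAgent.exe*' }
if (-not $services) { throw 'No service with WOLAgent.exe in its path was found.' }

foreach ($s in $services) {
    $verdict = switch -Regex ($s.StartName) {
        '^LocalSystem$' {
            'Local System: far more privilege than a UDP relay needs'; break }
        '^NT AUTHORITY\\Network\s?Service$' {
            'NETWORK SERVICE: reduced privilege'; break }
        default {
            'custom account: confirm it has no admin group membership' }
    }
    '{0} runs as {1} -> {2}' -f $s.Name, $s.StartName, $verdict
}

# 2. Which network profiles does the inbound rule apply to?
$rules = Get-NetFirewallRule -Direction Inbound -Enabled True |
    Where-Object { $_.DisplayName -like '*WOL Agent*' }
if (-not $rules) { Write-Warning 'No enabled inbound rule matching *WOL Agent* found.' }

foreach ($r in $rules) {
    $port = $r | Get-NetFirewallPortFilter
    '{0}: profile={1} protocol={2} localport={3}' -f `
        $r.DisplayName, $r.Profile, $port.Protocol, $port.LocalPort

    # "Any" or a profile list containing "Public" exposes the port on public networks.
    if ([string]$r.Profile -match 'Any|Public') {
        Write-Warning "$($r.DisplayName) also applies on Public networks."
        if ($ApplyFix) {
            $r | Set-NetFirewallRule -Profile Domain,Private
            "Restricted $($r.DisplayName) to Domain,Private."
        }
    }
}
```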
