2018-05-14

Sending Wake-on-LAN packets from a Wi-Fi device or "why you should disable Windows 10 quick boot"

Recently one of my co-workers signed up for doing home office a few days every week. Being the exemplary user he should be (working in IT and all) he tried waking up his office machine using his notebook a few days before he was going to do home office. And against all expectations ... nothing happened.

Being the "go to" guy for odd issues like this he called me over to take a look at his office machine. Expectedly all settings were correct:
  • WOL enabled in the BIOS
  • WOL enabled in the network card settings
  • Windows 10 quick boot disabled
So we tested sending a WOL packet from another machine in the office network to his office machine and the machine woke up as expected. The office machine was obviously correctly configured, which meant that the issue had to be either the notebook or somewhere along the way from the notebook into our network.

The notebook was connected to a DSL router over Wi-Fi and he was using a VPN into the office network, which was also up and running. By connecting the notebook to the router using a cable rather than the Wi-Fi we quickly found out that the Wake-on-LAN worked just fine over a wired connection, even through the VPN.

After testing some more options and also other Wi-Fi networks it became clear that the only constellation that would not work was the notebook being connected to any Wi-Fi.

Based on the experience from a previous issue the next step was to test whether it was a driver issue. Checking both the notebook's manufacturer's and Intel's website showed that we were already running the latest available driver for the Wi-Fi adapter. I still downloaded the latest driver and let Windows try to install it again. No dice. Windows told me that the optimal driver was already installed.

To see if the adapter was even sending out any packets I downloaded Wireshark, installed it, rebooted, connected the notebook to the Wi-Fi and VPN again, started Wireshark and sent the Wake-on-LAN packet ... it worked. How could that be? All I basically did was that I tried to install a newer driver, installed Wireshark (including WinPcap) and rebooted the machine. Was I onto another Heisenbug that would disappear once you try to monitor it?

So I got myself another one of the same brand and model of notebooks and verified that it also displayed the same symptoms. Sending a Wake-on-LAN packet over the Wi-Fi would not work. Then I tried to install newer drivers and rebooted. And voilĂ  it was working. So I got me another notebook, verified that it was not working and this time just rebooted it without trying to install new drivers. And even here I was now able to send Wake-on-LAN packets over Wi-Fi. So neither the attempt to install newer drivers or installing Wireshark played any part in this. Simply restarting was the fix. But why?

And that is when it dawned on me ... Last week I had changed the power setting GPO for notebooks to disable "quick boot". An option we had disabled for regular computers from the start because otherwise we would not be able to wake them up using Wake-on-LAN. But we left it enabled for notebooks because the users like it when the devices boot slightly faster and given the nature of notebooks they are almost never connected to an Ethernet cable when powered off so trying to wake them up would be futile.

But that was a GPO setting, on machine level. Every notebook I had tested was not connected to the LAN when I booted it up. So I got myself another notebook, booted it up without LAN, connected it to the Wi-Fi and VPN, checked the power settings to make sure that "quick boot" was enabled and restarted the machine. After it was back online I checked the power settings again ... and "quick boot" was disabled. So Windows actually noticed that it was now able to reach the domain controllers after the Wi-Fi and VPN were up and updated the machine policies. The reboot then made the new power settings and disabled "quick boot" actually apply. And with the disabled "quick boot" sending Wake-on-LAN packets over the Wi-Fi was now also possible.

The thing here is that the Wake-on-LAN packet was sent through a VPN connection. I have no idea what exactly the "quick boot" option does to the Wi-Fi adapter/driver that prevents that from happening when enabled. If anyone knows, please let me know.

Until then:
If you want to be able to wake your machine up using Wake-on-LAN, disable "quick boot".
If you want to be able to wake up another machine using Wake-on-LAN and you are connected to a Wi-Fi, disable "quick boot" too.
Or just disable "quick boot" anyway and be on the safe side.


[1] https://twitter.com/BeingSysAdmin/status/996155132428668928
[2] https://www.reddit.com/r/SysAdminBlogs/comments/8jggc1/sending_wakeonlan_packets_from_a_wifi_device_or/

No comments: