HOWTO: rest_command for OPNsense WoL

JollyRgrs · November 16, 2025, 10:10pm

I use the built-in WoL just fine for my dekstop PC, but I have a work laptop on my guest VLAN, due to the different subnets, it is much easier to do WoL through opnsense directly instead of trying to traverse across subnets.

I pulled a lot of documentation together and even used gemini to try and help sus out some of my issues. In the end, gemini (as one might expect) gave me a lot of “almost good” information. rather, good information, but not 100% right. Unfortunately, I never found an example in the wild that was what I needed so I had to piece things together. I just wanted to put this here in case anyone else is struggling with it.

This allows you to do WoL via OPNsense when using the os-wol plugin. I already had a user account for HA with an API key. I just had to go into that user and add the permissions for “Services: Wake On LAN”.

In secrets my URL is:

opnsense_wol_api_url: https://opnsense.mydomain.tld/api/wol/wol/set

Obviously, replace the domain with what points to your OPNsense box.

Add the below as a rest_command in your configuration yaml

opnsense_wol_device:
  url: !secret opnsense_wol_api_url
  method: POST
  verify_ssl: true # Set to false if you are using self-signed certs and don't trust them
  headers:
    Content-Type: "application/json;charset=UTF-8"
  payload: >
    {
      "wake": {
        "interface": {{ interface_name |tojson }},
        "mac": {{ mac_address |tojson }}
      }
    }
  authentication: basic
  username: !secret opnsense_api_key # The API Key ID from OPNsense
  password: !secret opnsense_api_secret # The API Key Secret from OPNsense

When you go into developer tools and actions, choose "opensense_wol_device (rest_command.opnsense_wol_device) or whatever you changed the name to.
You need to enter yaml mode so you can provide the interface_name and mac_address.

*** If anyone can tell me how to make HA prompt for those fields in UI mode, please tell me. ***

action: rest_command.opnsense_wol_device
data:
  interface_name: "opt3"
  mac_address: "DE:AD:BE:EF:CA:FE"

Note for the interface name, it must be the “opt” type interface name, the friendly name you give it (e.g. “GuestVLAN104”) cannot be used. Either name, you will get a return with status 200, but the content status will be “OK” only if it was correct, otherwise I only received a blank (“[ ]”) if invalid.

c0mpleX · March 28, 2026, 10:44am

I tried your config, but it didn’t work for me.
I got the Status 200 with an empty response so after some reading in the opnsense forum and trial and error I got it working with this config:

rest_command:
  opnsense_wol_device:
    url: !secret opnsense_wol_api_url
    method: POST
    verify_ssl: true
    username: !secret opnsense_api_key
    password: !secret opnsense_api_secret
    headers:
      Content-Type: "application/json"
    payload: '{"wake": { "interface": {{ interface_name | tojson }}, "mac": {{ mac_address | tojson }}}}'

The main difference is that I removed the ;charset=UTF-8 and moved everything in the payload: into one line.

Also I inserted a blank space before tojson in both lines:
"interface": {{ interface_name | tojson }}
"mac": {{ mac_address | tojson }}

For reference the link from the opnsense forum:

JollyRgrs · March 28, 2026, 7:07pm

Interesting. It has been a little bit but if I recall, setting the utf-8 was necessary on my end. I use this literally every day. my alarm in the morning during the work week will turn on my laptop, using this WoL method that I copy/pasted to here.

I’m interested as to why you had the issues you did and why your small changes fixed it for you. Unfortunately I am also not so interested as to spend time going down this rabbit hole (I’m already in 5 other rabbit holes at the moment). I’m glad it worked for you and hopefully between our two configurations it should help out others who are trying to do this.