R7450 Wake on Internet

I don't use WoL, so I know nothing, but...

> Ideally, powering on the PC could be done through my Android phone but
> I also have a Macbook. Either one works for now. [...]

   But that's when those devices are on your LAN, not when they're
remote, right?

> Options I've seen: [...]

   "seen" where?  (How am I supposed to learn everything about this
stuff without helpful links?)

> 1. Set up a DMZ in router settings (seems like a terrible idea, being
> that this is my primary PC)

   I'd avoid DMZ on general principles, but it's not obvious to me how
you'd get anything like the WoL magic packet through that path.

> 2, Set up some sort of SSH tunnel via ethtool(?) on the Linux server
> then use an Android SSH client?

   How would that work if "the Linux server" is powered off?  SSH to
what?

3. Install Telnet [...]

   On what?  And then use it to talk to what?

> [...] and set up a Static ARP IP (still seems like another risky
> option)

   I'd need more details before I could pretend to understand that
scheme.  (Because I know _what_?)

> 4. VPN in router settings?

   Perhaps.  My VPN expertise is also negligible.

   My (limited/uncertain) understanding of WoL is that you really want a
device with an always-on presence on the LAN, so that it could broadcast
a (magic) packet which would get to your sleeping device.  It sure would
be handy if your router (which is always on, and on your LAN) could do
this.  Sadly, so far as I know, no Netgear consumer router offers such a
feature.

   There could easily be some clever scheme (of which I'm ignorant)
which would let you do this without adding hardware.  With my current
burden of ignorance, however, I'd be looking to add something like a
Raspberry Pi (Zero W?), to leave running on the LAN.  I haven't looked
(so I know -- that's right -- nothing), but I'd bet that there's some
WoL software available there, and you should be able to SSH into that.

   I'll assume that you know enough not to enable port forwarding from
_external_ port 22 to anything, but I can explain if you don't.

Thanks for the quick reply @antinode 

Here are sources for the aforementioned "options":

1. DMZ setup for WOI via Android

2. SSH WOI from Linux to Linux

3. Telnet into router for ARP entry

4. VPN sounds promising but still unsure if that can be done for my needs through Netgear's feature.
Android is giving me general parsing errors trying to import the 'client_phone.ovpn' file Netgear is spitting out.

I'll keep trialing the OpenVPN soltion for now. May end up leveraging the always-on Pi connected to the router if all else fails... Really appreciate the help either way. 

So OpenVPN works fine for access when PC is powered on, but the router 'forgets' the PC's IP a few minutes after power off. (i.e. WOL is useless after that tiny window after shutdown). Even testing with port forwarding, firewall exceptions and NAT filtering disabled I can't get this to work via Android...

Apps used:

https://play.google.com/store/apps/details?id=co.uk.mrwebb.wakeonlan

https://play.google.com/store/apps/details?id=com.bitklog.wolon

   Again, bear in mind how much I know abou WoL, ...

> [...] but the router 'forgets' the PC's IP a few minutes after power
> off. (i.e. WOL is useless after that tiny window after shutdown). [...]

   There are two addresses of interest for this stuff: the IP address
and the MAC address.  Port forwarding (and, I assume, your VPN) works at
the IP-address level.  WoL works at the MAC-address level.  The router
might remember the IP address longer than you think (DHCP lease time =
1 day?), but the IP-MAC association might evaporate much sooner.  The
connection between the two is ARP:

      https://en.wikipedia.org/wiki/Address_Resolution_Protocol

And ARP relies on link-layer broadcast messages (MAC address
"FF:FF:FF:FF:FF:FF") which is the kind of thing which I might expect to
get blocked by an IP-level transport like, say, a VPN.

   That's why having a gizmo like a Raspberry Pi on the LAN is
advantageous for something like remote WoL.  You can talk to it at a
high (routable) level (SSH, say), and it can shout at its immediate
neighbors using low-level (link-layer) broadcast messages.

   Port forwarding in a router (or use of a VPN?) can get a message
addressed to the destination LAN IP address, but, unless the router can
translate that IP address into a (local) MAC address, that's the end of
the line.  Which may be why that third article talks about stuffing the
router's ARP cache with an artificial (permanent?) ARP entry.

   But "permanent" is a relative thing, and you'd need to do that every
time the router starts, unless you can find a way to jam those data into
the non-volatile firmware storage.

   As for Telnet access to your router, which might let you do any of
that, I wouldn't depend on it.  Netgear appears to have been removing
that (undocumented, unsupported) feature from various models in recent
times.  Whether that's intentional or just another blunder is not
obvious.  See, for example (different model):

      https://community.netgear.com/t5/x/x/m-p/1786837

   You can try it, but I wouldn't be amazed by a failure, and, even if
it works today, the next firmware version could break it.

   Everything's complicated.

Got that right @antinode  I think the Pi is the solution. Also thinking smart strip probably quickly/cheaply solves my travel needs here. 

Reboot at end of any VNC session. Cut power at login screen via smart strip app, then restore for next VNC session and repeat...

Either way, afraid I'm tapping out of the router config solutions for now. Thanks again for all the help.