CIRA not working

[leuvi]

hi Ylianst There are some problems that have bothered me for a long time！

meshcentral version: 0.7.89 Policy config: Simple Client Control Mode (CCM) + CIRA

console amtevents log:

amtevents 14:02:00, LMS tunnel start. 14:02:00, Checking Intel AMT state... 14:02:16, Deactivating CCM... 14:02:17, Deactivation successful, holding for 1 minute... 14:03:18, Succesfully activated in CCM mode, holding 10 seconds... 14:03:30, Intel AMT connected. 14:03:30, Performing clock sync. 14:03:34, Performing Commit()... 14:03:34, Enabled TLS, holding 10 seconds... 14:03:46, Intel AMT connected with TLS. 14:03:48, Added server root certificate. 14:03:50, Created new MPS server. 14:03:50, Created new MPS policy. 14:03:51, Environment detection set. 14:03:52, Enabled redirection features. 14:03:52, Enabled KVM. 14:03:52, Done. 14:03:52, LMS tunnel closed.

I have 133 vPro devices. Some CIRA connections are normal and some are abnormal. Why?

[Ylianst]

Hi. This is a complicated question. Intel AMT is under the operating system and has limited network access. It can only access the network using the special built-in Ethernet port or build-in wireless adapter if it's been enabled. Looking at the "amtevents" above, it does not seem like MeshCentral attempted to enable WIFI adapter in AMT, so I am guessing this computer does not have AMT WIFI. Also, Intel AMT may not have HTTP Proxy settings.

Because of this, it's very possible that the MeshAgent will be able to connect to MeshCentral, but Intel AMT will not be able to connect. For example, if a computer uses a USB Ethernet adapter, 4G Modem or unsupported WIFI adapter... the OS will have drivers to use these and be able to access the Internet... but Intel AMT does not have access to these.

Let me know if this makes sense. You can look for a computer for which CIRA does not connect and plug-in the built-in Ethernet port, that should fix the problem.

Let me know if that helps, Ylian