Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once set up, you can install agents and perform remote desktop sessions to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
3.72k stars 512 forks

Intel AMT ACM activated but Intel AMT tab grayed out #4811

Open raystek opened 1 year ago

raystek commented 1 year ago

My Dell server is running AMT v. 9.1.45. The MeshCentral agent shows ACM activated and secured with TLS. But in the device page the Intel AMT tab is grayed out, as well as the HW Connect button. Any advice would be appreciated.

jsastriawan commented 1 year ago

If MeshCentral can connect to your AMT device directly, it should not be grayed out. Most likely there is no direct connection from MeshCentral to your AMT device. To make AMT features work, you need to activate CIRA. It means AMT will call the MeshCentral server to allow port forwarding via this TLS tunnel.

Go to your Device Group settings and set the AMT policy to Automatic. It should reconfigure CIRA on reconnection. Make sure you set the AMT password too. To trigger reconfiguration, you can go to the device console and perform a soft disconnect of the agent connection.

Let me know if it helps.

raystek commented 1 year ago

The device group's AMT policy was already set to Automatic and I entered the correct password. The agent's General tab shows ACM activated with TLS. No red flags.

I then went to the device console tab and discovered that the "apf tunnel" is off. I do not know what "apf" stands for. I checked other working AMT devices and their "apf tunnel" is ON.

I then did a soft reset. The apf tunnel was ON for a brief moment and then went off again.

thermionic commented 1 year ago

I'm not aware of any Dell servers with AMT, as Dell servers use iDRAC. However, as the device is running AMT 9 (which requires TLS 1.1 or 1.0), this could be a TLS issue with the CIRA server in MeshCentral.

On Linux I'd suggest using https://testssl.sh to test, and on Windows https://github.com/nabla-c0d3/sslyze

Don't forget to specify the CIRA port (default is 4433) when testing.
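
A minimal form of the protocol check suggested above, as an added example (not code from this thread or from the MeshCentral project): it sends one raw ClientHello per TLS version to the CIRA port and reports how the listener answers, so the result does not depend on which protocol versions the local OpenSSL build still permits. The cipher list and extension bytes are constructed choices; the host name is whatever you pass on the command line, and 4433 is the default port named above.

```python
import os
import socket
import struct
import sys

# Versions to offer; the thread says AMT 9 needs TLS 1.0 or 1.1.
VERSIONS = {"TLS 1.0": 0x0301, "TLS 1.1": 0x0302, "TLS 1.2": 0x0303}
# Constructed list: common RSA and ECDHE suites plus the renegotiation SCSV (0x00FF).
CIPHERS = [0xC02F, 0xC030, 0xC013, 0xC014, 0x009C, 0x002F, 0x0035, 0x000A, 0x00FF]
# Constructed extensions: supported_groups, ec_point_formats, signature_algorithms.
EXTENSIONS = bytes.fromhex(
    "000a00080006001d00170018" "000b00020100" "000d000a00080401080404030201")

def client_hello(version):
    """Build one TLS record holding a ClientHello that offers `version` at most."""
    body = struct.pack("!H", version) + os.urandom(32) + b"\x00"  # empty session id
    body += struct.pack("!H", 2 * len(CIPHERS)) + struct.pack(f"!{len(CIPHERS)}H", *CIPHERS)
    body += b"\x01\x00"  # compression methods: null only
    body += struct.pack("!H", len(EXTENSIONS)) + EXTENSIONS
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_reply(data, offered):
    """Classify the first record the server sent back."""
    if len(data) >= 7 and data[0] == 0x15:  # alert record: level, description
        return f"rejected (alert {data[6]})"
    if len(data) >= 11 and data[0] == 0x16 and data[5] == 0x02:  # ServerHello
        chosen = struct.unpack("!H", data[9:11])[0]
        return "accepted" if chosen == offered else f"answered with 0x{chosen:04x}"
    return "no TLS reply"

def probe(host, port, version, timeout=5.0):
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(client_hello(version))
            # 11 bytes reach the ServerHello version field; an alert is 7 bytes.
            while len(data) < 11 and not (len(data) >= 7 and data[0] == 0x15):
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
    except OSError:
        pass  # refused, reset or timed out: classify whatever arrived
    return parse_reply(data, version)

if __name__ == "__main__":  # usage: python probe.py <host> [port]
    host, port = sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 4433
    for name, version in VERSIONS.items():
        print(f"{name}: {probe(host, port, version)}")
```

In the output, alert 70 is `protocol_version` and alert 40 is `handshake_failure`; "answered with 0x0301" means the server chose a lower version than the one offered.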

amoljagdalepucsd commented 4 months ago

Hi @raystek @thermionic, I am facing an issue while activating Intel AMT on remote devices. We hosted a MeshCentral server and are trying to activate AMT over the Internet. I have raised a question about it. Please have a look and help (https://github.com/Ylianst/MeshCentral/discussions/5899)