Has Anyone Actually Gotten vPro (Intel AMT) to Work?

I made sure to buy the CPU with vPro as well as the Wi-Fi card with vPro. The last time I was trying to figure out why my Framework wasn’t working with vPro and my other machines were, I emailed support and even had them double-check that the Wi-Fi card was a vPro card.

No matter what I do, I cannot get vPro to work. It’s enabled. Network is active, fqdn is set. User consent turned off, etc all the normal stuff.

However MeshCommander cannot see it and going to http://ip:16992 and https://ip:16993 does not load the web interface.

Has anyone gotten this to work you your framework? All I can think of is my Wi-Fi card really isn’t vPro as they said when I ordered it so it isn’t intercepting traffic… but they checked it is so I am out of ideas.

How strange! I’ve definitely had this work. I used it to capture some of the images in my firmware deep dive blog post series, as well as putting it through its paces for remote control. I followed roughly the same set of steps as you outlined as well.

What operating system are you using? Is there a chance that the routing table is set up such that it precludes packets destined for the AMT ports from actually reaching the NIC? Effectively implementing a “local hairpin” for local addresses?

I am running Manjaro with no firewall. I tried both on the system locally as well as coming in from external sources, another machine, mesh central, etc. This is why I was thinking I got the wrong wifi card initially as it is as if there is no route to the internal web server.

Any other suggestions would be appreciated or any notes you may have from setting yours up. XD

Alright, so I think I understand what’s happening.

I’m able to access the AMT web interface via http://localhost:16992 or (LAN address) in Windows. When I’m running Linux, I can’t.

My inkling is that the default network interface configuration on Linux forces all packets bound for “local” addresses to be resolved in the kernel without ever hitting the network interface. Since AMT somewhat requires those packets to escape, it’s almost a non-starter. I was unable to find, in cursory browsing of Stack Exchange, a way to disable this. It looks like Windows doesn’t by default, and that it is toggleable on various BSDs with the sysctl net.link.ether.inet.useloopback.

I believe that you need to establish local access before you can establish remote access, so it’s not surprising that you weren’t able to get at it via another machine.

There may be some sort of crazy iptables configuration that could get your packets out to the interface, but I’m not personally holding out hope.


Well I was looking for a reason to redo my dual boot anyway… XD I’ll do this and report back.

1 Like

@DHowett Made some progress. You were right switching to Windows let me view the web interface. I wasn’t able to get kvm working, just got a black screen with a small building icon that had a green fast-forward symbol on it but never got an image from the desktop.

But in manjaro I can’t get any sort of connection to it.