Intel AMT / vPro KVM port forwarding

Related: Intel vPro remote control with free open-source software


Unless using certificates, vPro computers should not be exposed to the Internet. Remember, the computer’s firewall doesn’t block vPro ports! It takes an external firewall to block vPro.

Remote firewall connections to Intel vPro machines can be made via either:

  • SSH port forward to use Intel AMT KVM
  • VPN to the remote PC network

Intel AMT vPro ports

Don’t open these ports to the public Internet!

Port Purpose
5900 VNC
16992 HTTP remote web UI
16993 HTTPS remote web UI, TLS requires this port
16994 KVM traffic
16995 KVM traffic when TLS is used

Diagnosing vPro PC problems remotely

With the ports above forwarded to your laptop, try web browsing to https://localhost:16993. If you have previously enabled the vPro VNC server, you can connect on Port 5900 with any VNC client over the VPN or SSH tunnel. If you have the commercial (paid) RealVNC Viewer Plus, you can connect via the ports above, with certificate instead of password is generally preferable.

Notes

Reference 1

reference 2

Tags:

Categories:

Updated:

Leave a Comment