About Intel AMT > Manageability Ports

Manageability Ports

TCP/UDP messages addressed to certain registered ports are routed to Intel AMT when those ports are enabled. Messages received on a wired LAN interface go directly to Intel AMT. Messages received on a wireless interface go to the host wireless driver. The driver detects the destination port and sends the message to Intel AMT. The following are the IANA registered ports that Intel AMT may receive:

 

Port

Description

Details

16992

Intel(R) AMT HTTP

Used for WS-Management messages to and from Intel AMT. This port is open over the network only when Intel AMT is configured or during the configuration process. Starting with Release 6.0, the port is optionally open when TLS is enabled. The port is always open locally. See Defining Secure Connection Settings.

16993

Intel(R) AMT HTTPS

Used for WS-Management messages to and from Intel AMT when TLS is enabled. See Transport Layer Security.

16994

Intel(R) AMT Redirection/TCP

Used for redirection traffic (SOL, IDER, and KVM using Intel AMT authentication). Enabling the redirection listener enables this port. See Enabling the Listener State.

16995

Intel(R) AMT Redirection/TLS

Used for redirection traffic (SOL, IDER, and KVM using Intel AMT authentication) when TLS is enabled. Enabling the redirection listener enables this port. See Enabling the Listener State.

623

ASF Remote Management and Control Protocol (ASF-RMCP)

Used for RMCP pings. This port is a standard DMTF port and accepts WS-Management traffic. It is always enabled.

664

DMTF out-of-band secure web services management protocol

ASF Secure Remote Management and Control Protocol (ASF-RMCP)

Used for secure RMCP pings. This port is a standard DMTF port and accepts secure WS-Management traffic. It is always enabled.

5900

VNC (Virtual Network Computing) - remote control program

Used for KVM viewers that do not use Intel AMT authentication but use the standard VNC port instead. See Working with Port 5900 and Changing the Default KVM Port Setting.

 

What happens when a management console runs on an Intel® vPro™ platform?

If a management console running on an Intel vPro platform sends manageability traffic to another platform containing Intel AMT what happens? Nothing unusual, unless the console platform uses one of the above port numbers as a source port in its messaging. For example, the console application running on the Host sends an RMCP ping and uses 623 as both the destination and source port. The remote platform will receive the ping and send the response, but the console platform will route the response locally to Intel AMT. It will then appear to the Host that there was no ping response. The way to avoid this situation is never use these dedicated IANA ports as source ports.

Copyright © 2006-2013, Intel Corporation. All rights reserved.