Intel AMT Features > Remote Access > Use Cases > Add a Remote Access Policy
CollapseAll image

Add a Remote Access Policy

The following steps describe how to set a Remote Access policy, used to establish a secure tunnel between a management console and the Intel AMT platform.

1.  Retrieve the instance of AMT_RemoteAccessService, where the “Name” key equals “Intel(r) AMT Remote Access Service”.

2.  Invoke AMT_RemoteAccessService.AddRemoteAccessPolicyRule with the following parameters:




The event that will trigger the establishment of the remote connection to the MPS. Valid values:

0 – User Initiated

1 – Alert

2 – Periodic


Defines the tunnel’s lifetime in seconds. A value of 0 means that the tunnel should stay open until it is closed by the CloseRemoteAccessConnection method or when a different policy with a higher priority needs to be processed.


Set only for periodic policy. Defines the idle periods of the connection.

The extended data can be in one of two formats: periodic interval or daily interval. The input values must be converted to base64 format.

Periodic interval:

UINT32             0

UINT32             interval in seconds


Daily interval:

UINT32             1

UINT32             Hour in the day (0-23)

UINT32             Minutes in the hour (0-59)



EPRs of one or two MPSs used to open the connection using this policy. Use the EPR that was returned when creating each MPS (see Add a Management Presence Server). The first MPS reference is the primary MPS, while the second is used as a backup if it is not possible to establish a connection with the first MPS.



If successful, the method returns a handle to the new Remote Access policy.


Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.


$extendedData ="AAAAAAAAABk=" # = 25 seconds in base 64 with network order.

$remoteAccessServiceRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_RemoteAccessService WHERE Name='Intel(r) AMT Remote Access Service'")

$inputObject =$remoteAccessServiceRef.CreateMethodInput("AddRemoteAccessPolicyRule")




# $mpServerRef is an EPR to the AMT_ManagementPresenceRemoteSAP object created by the 'Add a Management Presence Server' use case.


$outputObject =$remoteAccessServiceRef.InvokeMethod($inputObject)

$returnValue =$outputObject.GetProperty("ReturnValue")

if($returnValue -like "0")


    $policyRule =$outputObject.GetProperty("PolicyRule")




Instance Diagram

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.


See Also:

   Remote Access Policies

   Enabling Remote Access

Copyright © 2006-2022, Intel Corporation. All rights reserved.