- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Just got an X1 Tablet 2nd Gen (model 20JC) and am working on setting up vPro. No wired NIC so I'm finding this article useful:
The machine is primarily a desktop replacement and is connected to a Lenovo USB-C dock for power, Ethernet, and two external monitors. One of the monitors goes off the dock's native DisplayPort; the other external monitor goes through USB to an old Pluggable dock. AMT firmware and software are current--from MEWinINfo.exe:
BIOS Version N1OET37W (1.22 )
MEBx Version 11.0.0.0010
GbE Version Unknown
Vendor ID 8086
PCH Version 21
FW Version 11.8.50.3425 LP
Security Version (SVN) 3
LMS Version 11.7.0.1043
MEI Driver Version 11.7.0.1040
Wireless Hardware Version 2.1.77
Wireless Driver Version 20.10.2.2
I got Wi-Fi enabled for vPro using the WebUI (took me a while to figure out I had to do that from the host system, e.g. http://localhost:16992/). After that, I was able to connect from another machine on the LAN. Then, using Mesh Commander 0.5.8, I set up a certificate for the machine and enabled TLS. So far so good!
I have three issues:
1. Per the article linked above, AMT should work in S5 (power off). I can shut down remotely from Mesh, but once down, the machine is not on Wi-Fi. I confirmed in my router that it was offline.
2. If a user is logged in and I try to start a remote KVM session from Mesh, I just see some strange icons in Mesh (screenshot below) and the user does not get the dancing border. However, if the screen is locked (from a Windows perspective), Mesh can connect, the user sees the border, and I can log on remotely and work as normal in Mesh KVM. The second external monitor, connected through the USB hub, doesn't work, but that's not a big deal. What is a kinda big deal is that the KVM can't connect to an active session; here's what it looks like when I try that:
3. When the system boots, it is connected to the dock and thus to the wired LAN. (The dock has a non-vPro Realtek NIC.) It seems that in this state, even though Wi-Fi is set to connect automatically, Windows 10 does not turn on Wi-Fi. This means vPro is not available unless the user manually connects to Wi-Fi.
Thanks for your help,
Mark Berry
MCB Systems
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey Mark,
Lets start with your wireless issues first and it will probably fix your s5 state issue as well. Wireless is tricky in that the OS actually owns the interface in contrast to the wired LAN port.
It could be an issue with the Wireless Driver and how it is handing off control back to the firmware. Try this please
- X1 - go into the WebUI and verify that the reported wireless IP is the same as OS IP.
- Management System - Initiate a on terminating ping to the x1 AMT Wireless interface - ping <ipAddress> -t
- note the ttl
- x1 - From the OS go to Control Panel\Network and Internet\Network Connections
- Right Click the OS Wireless connection
- Select Disable
- X1 - If everything works correctly you will see a few lost packets as the OS hands control over to the AMT wireless interface and the TTL will change to something like 255
- If it doesn't immediately pickup wait 5 to 10 minutes
- Does it ever pickup?
- If no, then your Wireless Profile is not set up correctly, try changing the encryption mechanism
- If yes your wireless Profile is fine, you need to update your wireless driver
- Does it ever pickup?
- If it doesn't immediately pickup wait 5 to 10 minutes
Let me know your results
Joe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Joe,
Thanks for your reply. You're right; the firmware never picks up the Wi-Fi when I disable Wi-Fi in the OS, even after five minutes.
My UniFi access point is configured to allow connection as "WPA Personal".
Windows sees this as "WPA2-Personal" with Encryption type "AES".
In the vPro WebUI, I chose WPA-PSK. There is no mention of AES encryption. I had it on TKIP, then changed to CCMP encryption. Neither one allowed the ping with the Wi-Fi disabled. Do I need to reboot after such a change?
I thought maybe I could see in the WebUI event log whether the Wi-Fi is connecting but I don't see any related messages. I do see this a couple times:
1/29/2018 6:47 pm |
Intel® AMT | Authentication failed 10 times. The system may be under attack. |
Mark Berry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Updates:
1. The tablet has been rebooted at least once. Tried the ping test again with Wi-Fi disabled. "Destination host unreachable".
Question: I read somewhere that AMT over Wi-Fi only works when the system is plugged in. How does the host determine/define that? This tablet only has USB-C for power, no discreet power jack. I've tested with both USB-C power from the dock and directly from the power adapter.
2. I connected my main 1600x1200 display with a DisplayPort-to-VGA cable plugged directly into the tablet, not going through the dock. I still get the mostly-black screen when I use Mesh to Remote Desktop to a live session. Clicking on the 1/2/3 buttons lower right changes nothing.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page