When I use Network Discovery in the Managability Commander tool via VPN into a certain network, my AMT computers are not discovered. When I add a known AMT IP from this network to the computer list it adds correctly and I can connect to it. However, even if I know the IP and scan the range including the IP I get no discovery results. Using the web tool, I can also connect to a AMT box on the problem network via 16992 with no difficulty. The only problem I seem to have is with non functioning Network Discovery on the problem network. I have used Network Discovery on my local network and VPN'd into other remote networks and it has been successful in the discovery effort. But on this particular network, no luck. I assume it is not a firewall issue because I can connect to 16992 using the Web tool. It is happening on more than a single computer so I assume it is not an issue on the target computers. Help!
This sounds like a network-specific issue with the way the Manageability Commander Tool operates. For the Network DIscovery feature, the Manageability Commander Tool performes a "staged / phased" approach by performing the following order of operations:
- Performs a ping sweep over the IPv4 address range defined.
- For each IPv4 address that was successfully pinged, attempts to establish a non-TLS connection via port 16992.
- If the first connection fails, attempts a TLS connection via port 16993.
Without knowing the specifics of the network configuration you are working with, the most likely cause of this issue is that the ICMP (ping) packets are being blocked by either a firewall or router/switch configuration. This would prevent the Manageability Commander Tool from being able to detect a viable endpoint at a given IPv4 address. However, as you are experiencing, direction connections to manually entered IP addresses still work as only the ping packets are being blocked.
I have no problem manually pinging computers on the problem network. In fact that is how I located the AMT unit, I manually pinged all addresses within the DHCP range to identify active computers and then for each active computer I manually attempted to make a AMT connection. When I succeeded I then knew the IP of the AMT computer. Pings are not being blocked, yet the Management Commander Network Discovery tool is not working for me.