Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2878 Discussions

create an agent file

Hideo
Novice
608 Views

Hello,

 

I believe that if we create an agent file on the IntelEMA server and install it on the agent terminal, the agent terminal will access the host of the IntelEMA server.

 

So, I have a question.
Our network configuration is as follows.

 

Hideo_0-1718508838003.png

 

We would like to configure the agent terminal to access the FW, not the IntelEMA server directly.

*When the FW is accessed from the agent terminal, it is routed to access the IntelEMA server.

 

What settings should we change when we create the agent file to allow the agent terminal to access the FW?

 

Can you please provide me with some reference material and instructions on how to do this?

 

I am waiting for your reply.

Best Regards,

Hideo.

0 Kudos
10 Replies
vij1
Employee
553 Views

Hello Hideo,


Greetings!


The agent file configures the endpoint and allows the EMA Server to access it. If Azure Firewall is blocked, you will need to use Azure credentials to access its settings.


To enable communication between the EMA server and the endpoints, you need to configure the Azure settings accordingly. Please review Section 1.3.10 in the following guide: https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-server-installation-and-maintenance-guide.pdf#page=15


For more details on creating an Azure virtual machine for EMA, refer to the Intel EMA Web Deployment Guide for Azure: https://downloadmirror.intel.com/646990/Intel_EMA_Documents1.13.0.zip


Regards,

Vijay N.


0 Kudos
Hideo
Novice
522 Views

Hi Vijay N.

 

Thanks for the reply.
The agent terminal is not blocked by FW, I have NAT translation on 74.226.149.200 -> 10.0.0.2 with FW.

 

Hideo_1-1718709281288.png

 

I will reiterate my question.
As per the attached image,
Select "Identity mode" as "Use IP address",
I entered 10.0.0.2 and specified the Server address.

Hideo_0-1718709245369.png

After that, refer to p.32 3.2 of the following document to create Agent Files.

 

https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-admin-and-usage-guide.pdf

 

Then, the destination address of the server to be accessed from the Agent Files was set to
Is it possible to change 10.0.0.2 to 74.226.149.200?
If so, could you please tell me how to change it?

 

Also, if I select "Use FQDN only" for "Identity mode" instead of "Use IP address", can you tell me how to change the FQDN after setting the FQDN?

 

I am waiting for your reply.

Best Regards,

Hideo.

0 Kudos
vij1
Employee
503 Views

Hi 英夫 戸田,


The FQDN of the EMA instance cannot be changed after the installation. For reference, please review section 2.2.1.3 Load Balancer Information in the following document:


[Intel® EMA Server Installation and Maintenance Guide](https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-server-installation-and-maintenance-guide.pdf#page=15)


Please allow me 3 to 4 business days to answer the remaining questions.


Regards,

Vijay N.


0 Kudos
Hideo
Novice
417 Views

Vijay N.

 

It has been more than 4 business days. How is the response since then?

 

I am waiting for your reply.

Best Regards,

Hideo.

0 Kudos
vij1
Employee
384 Views

Hello Hideo,


I hope this message finds you well.


We apologize for the delay in responding to your query.


Please find below the detailed instructions and necessary information for configuring the agent file to access the firewall with the given NAT setup:

1.    Configuring the Agent File:

  • Your team will need to configure your Firewall and NAT setup. We are unable to do this for you.
  • Follow the EMA install guide to ensure you have opened the necessary TCP ports (listed in the Installation Guide) and/or set up port forwarding. The TCP ports must be forwarded without translating (e.g., TCP port 8080 -> 8080). Forwarding to a new port (e.g., TCP 8080 -> 7000) is not allowed.
  • Once you have completed these steps and confirmed connectivity between the endpoint and the EMA server (e.g., using telnet), you can generate new agent files as you did originally by following the install guide: Intel EMA Server Installation and Maintenance Guide.

2.    Changing the Server Address:

  • To change the server address from 10.0.0.2 to 74.226.149.200, you will need to work with your NAT vendor to get this set up. Unfortunately, we are unable to assist with this directly.

3.    Changing the FQDN:

  • Changing the Fully Qualified Domain Name (FQDN) after setting it using "Use FQDN only" mode is not supported.


If you have any further questions or need additional assistance, please do not hesitate to reach out.


Best regards,

Vijay N.


0 Kudos
Hideo
Novice
356 Views

Hi.

Vijay N.

 

Thanks for the reply.

I will change my question.

 

In order to have the destination of the agent terminal changed,
Where do we need to change the settings?

 

If it is possible to change the setting, please let us know how to change the setting and the manual.

 

Best Regards,

Hideo.

0 Kudos
vij1
Employee
342 Views

Hello Hideo,

 

Greetings!

 

Do you mind being more specific on the question?

 

In our email previous email, we provided 3 answers. Bear in mind, that some sections require the support of your Network team.

 

·       Your team will need to configure your Firewall and NAT setup. We are unable to do this for you.

 

·       To change the server address from 10.0.0.2 to 74.226.149.200, you will need to work with your NAT vendor to get this set up. Unfortunately, we are unable to assist with this directly.

 

Regards,

Vijay N.


0 Kudos
Hideo
Novice
328 Views

Hi.

Vijay N.

 

Thanks for the reply.
The content has become more complex, so I will organize it.

The network configuration is different from the first one as follows

Hideo_0-1719476004039.png

 

I then created the agent file using the EMA server.

I then installed the agent file I created using the EMA server on the agent terminal.

Then the agent terminal went to connect to the EMA server domain (ema.test.com). (I confirmed this in EmaAgent.log)

 

Here is my question.

Please tell me how to change the destination of the agent terminal (ema.test.com) to another destination (e.g. ema2.test.com).

 

I am waiting for your reply.

Best Regards,

Hideo.

 

0 Kudos
vij1
Employee
305 Views

Hello Hideo,


Greetings!


To change the destination of the agent terminal from ema.test.com to another destination (e.g., ema2.test.com), the only option is to reinstall the EMA software from scratch and add the new FQDN.


If you have any further questions or need assistance with the process, please let me know.


Regards,

Vijay N.


0 Kudos
vij1
Employee
178 Views

Hello Hideo,

 

I am following up on the case and wondering if further assistance is necessary.

 

Regards,

Vijay N.


0 Kudos
Reply