Product guide
2
In cert, key, and CAfile, replace the file names and location for cira.pem, cira.key, and ca.cer
respectively with the actual values.
3
In ciraamt, use the default ports or replace them with the ports used.
• accept — Port that listens to the incoming Remote Access requests, then forwards it to the port
used for the connection. The default port is 81. If you want to use a different port, replace it
with the actual port number.
• connect — Port that receives the Remote Access requests from the port used for accept for
establishing the connection. This port must be the same as AMT Listen Port configured during the
ePO Deep Command Gateway server installation.
Rules must be enabled to allow inbound connections to the Remote Access empty port. In this case,
inbound connections must be allowed to port configured for accept.
Validate certificate
Verify that the certificate issued to the host name of your ePO Deep Command Gateway server is
correct.
Perform these steps from a local system.
Task
1
Using Microsoft Internet Explorer, go to https://<FQDN of the ePO Deep Command Gateway
server>:12345 (or the port you configured in stunnel.conf to listen).
2
View the certificate installed on the site.
The certificate must be installed on the ePO Deep Command Gateway server (see its host name) and
issued by a CA, which is known to the Intel
®
AMT system.
Setting up your environment for Remote Access
Validate certificate
5
McAfee ePO Deep Command 2.1.0 Product Guide
61