Good afternoon!
Can you please tell me, I can configure igel ums and igel cloud-gateway on one server, without dividing segments. Let me explain, ums and cloud-gateway will be in DMZ. Is this how the system will work?
Thanks!
Good Afternon Dmitry, I mean even if it might work, I wouldn’t recommend it (at all). The first reason: it isn’t supported, but from a technical perspective it is mostly related to security. Our UMS is not designed for facing external communication, the ICG do.
to add to that, those are intended szenarios: kb.igel.com/igelicg-2.02/en/when-to-use-icg-31600929.html
Agreed to both of these.
• UMS NOT in the DMZ, but has access inbound/outbound on 8443 to the DMZ segment/the ICG itself
• ICG in the DMZ, and has access INTERNALLY facing to the UMS inbound/outbound on 8443.
• ICG in the DMZ, and has access EXTERNALLY to clients, inbound/outbound on 8443 (inbound-wise, the default for ICG from the clients, but can be changed to 443 if required)
Also note that maintenance on the ICG can be given via the SSH port (22) as needed. @member is the authority on this, but _only_ opening access on 22 when doing maintenance, and then revoking that port’s access, should be best practice.
Continue reading and comment on the thread ‘Can I configure IGEL UMS and IGEL Cloud Gateway (ICG) on the same server?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!