If a device is configured for ICG, say a laptop, and the user spends part of their time at home and part of their time in the office; is there a way to have the device switch automatically between trying to connect to ICG or UMS?
It‘s either one or the other, afaik there is no support for UMS and ICG on the same client.
that stinks. I wonder if there is a way to run a command on the device based on some current attribute to have it reconfigure itself. Like if a specific address resolves, then do this. If it doesn’t, then do this. Or if maybe the IPs internally are somewhat unique that wouldn’t likely be used most places the device would be, could maybe do it based on that.
There is a new feature since 11.02.150 that should cover your needs @member :
### Remote Management
Connection order between UMS and ICG can now be configured.
| Registry | `system.remotemanager.icg_try_ums_connect` |
| Value | enabled / disabled* (default) |
When ICG connection is configured and the parameter is enabled, the
device tries to connect directly to UMS. When the connection was established,
the device is managed by UMS and not over ICG until new start of the
device or network.
Nice! Totally missed that
Just in addition to that, if they are specific configurations for external or internal use, there is also the way to work with Default Directories:
nice I like it. I like it a lot
is it possible to push the ICG config to the device so a user doesn’t need to use the ICG Agent Setup?
I see there is a place to define a server address, but wasn’t sure if that is all that was needed or not.
you mean like a mass deployment? Well, we had that on older builds but not on the actual ones unfortunately… If you have a 11.01.100 Device somewhere you could cop the /sbin/icg-config and replace it on 11.03.110. There you can automate the ICG Config through Command line Final network custom command.
yeah, something like that. It would just be nice to have that setup before giving it to a user and I know our Network Engineer is never going to allow us to open port 8443 to the dmz from the whole network.
is that something that might make it’s way back into the firmware?
David – don’t you allow that 8443 from the entire internet? Should be an easy ask from an InfoSec perspective to match that for internal > DMZ. That should also resolve your shadow via ICG issue on your previous post 😊
@member yes, I‘m expecting that coming back on 11.04!
Continue reading and comment on the thread ‘Can IGEL OS switch between connection to the UMS directly or via ICG based on location?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.
Submit a question, or Join Today!
Popular Message Threads
- How to Install IGEL OS via a Bootable USB Drive
- Error “AM_ERROR_AUTH_NETWORK_ERROR ” adding store in Citrix Workspace App version 20.x on IGEL OS 11.04
- Receiving error: “Citrix Receiver cannot create a secure connection in this browser” when launching a secure connection from Firefox on IGEL OS
- Error connecting to Citrix StoreFront “Error adding store: Http error”
- How to change the default IGEL UMS admin password?
- IGEL UD3 (LX50) randomly get this error with Citrix: The X Request 130.1 caused error :”10: BadAccess ( attempt to access private resource denied) any ideas?
- Where to delete the certificates that cause ‘invalid certificate’ when trying to import an IGEL into UMS?