Do you have to use the Cloud Gateway if you are using port forwarding to the UMS from a public IP to the inside on our network?
Unless you plan to have everyone perform port forwarding to their IGELs at home, it is indeed required for pushing settings, secure terminal, shadowing, etc. Even so, the UMS server will attempt to send settings directly to the private IP of the device when not joined to ICG.
This makes any sort of NATing/port forwarding between UMS and endpoints very difficult. ICG is the way to go for this.
kb.igel.com/endpointmgmt-5.09/en/ums-communication-ports-22459132.html kb.igel.com/endpointmgmt-5.09/en/ums-communication-ports-22459132.html
Sorry, I may not have worded that correct. What I meant was putting a firewall rule in so that devices outside the network can talk to the UMS via a public IP (with a DNS record for a web address).
Rather than putting a cloud gateway in the DMZ, traffic destined for igel.company.com igel.company.com from the outside would come in via necessary ports to the UMS VM sitting on our ESX cluster
yes but UMS also needs to be able to contact the client and this usually isn’t possible in your scenario. If you don’t want to deploy ICG there is basically just VPN left as an alternative.
It would make sense, at least if you already have EMP.
• Remote Shadowing even before VPN is established or if a User needs support for the VPN
• Active pushing of configs (on a port forwarding scenario, only passive configurations on reboot)
• Remote Wipping of the device if stolen / lost
• From a Security perspective the UMS is not as much designed for a direct Internet access from outside, the ICG does
Thank you for the info, I appreciate it.
Continue reading and comment on the thread ‘Do you have to use the Cloud Gateway (ICG) if you are using port forwarding to the UMS from a public IP to the inside on our network?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!