Error “Can’t recieve certificate from server” trying to connect via IGEL ICG

Hello everybody, im on my way to set up an test lab for a customer. We got 1 IGEL UMS Server, 1 IGEL ICG Appliance and 1 UD Pocket. The Installation is complete and now i have trouble to connect the ud pocket with the igel icg. I get the error: Can’t recieve certificate from server.

Learn more, read the entire thread inside the IGEL Community o Slack

I createt a root and an self signed end entity certificate in the IGEL UMS console. The IGEL ICG is reachable from the outside throw port 8443.

Also i activatet the test license on the UD pocket.

Can some help me on this issue?

Hi Maximilian! Port 8443 is also opened from DMZ to LAN and vice versa and from DMZ to WAN?

Can you post a screenshot of the cert chain in UMS? Blur the internal data ๐Ÿ˜Š

Hello Maximilian, can you also add a screenshot of the UMS Administration, UMS Network, ICG Cloud Gateway, your server ?

Here is the screenshot. On our Sophos utm Firewall, i create a DNAT-Rule for Port 8443, Destination is the igel icg

igel icg

and the igel ums server

Ok Problem is solved, it was the Sophos Firewall. Thank you all for the quick reply and have a nice day ๐Ÿ˜ƒ

That was quick!! Congrats๐Ÿ˜„

now i ran into the next error =(

[12:17:50:649] [5887:5889] [ERROR][com.freerdp.core] – freerdp_set_last_error ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED


it is a Windows terminal server 2016, Firewall temporaly deactivated, rdp Access for all Domain user is allowed, Network authentification only deactivated

And how do you access this server? Locally in a LAN or from an outside office like for your ICG Test?

from outside, Connection to the icg is ok, Client is registered in the ums

Well, sorry to ask but is access to your RDP Server granted by something like a VPN or did you thought that it would go through the ICG tunnel? ICG is only available for Igel settings, and isnโ€™t a replacement for a data connection like VPN for other purposes than Igel settings. Hope that helps a bit…

mmh…. yeah i thougt it would go through the ICG tunnel ๐Ÿคช i will set up an rd Gateway server….

๐Ÿ˜‚ sounds good, yes, sorry if our information was misleading.

thank you very much for your help!

Continue reading and comment on the thread ‘Error “Can’t recieve certificate from server” trying to connect via IGEL ICG’.  Not a member? Join Here!

Learn more, search the IGEL Knowledge Base

Ask a question or comment on the above message thread?

Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.

Submit a question, or Join Today!

Popular Message Threads

Categories & Tags: