How to handle increased work from home using IGEL thin clients over ICG?

For those of you who do not have ICG configured, how are you handling increased work from home using IGEL thin clients? We’re being asked to investigate bringing IGEL devices online and sending them home, but without ICG, my initial thought was that we’re basically limited to using Firefox to connect to our external Citrix NetScaler, authenticate, and then launch their apps or desktop from there.

Learn more, read the entire thread inside the IGEL Community o Slack

keep in mind you’re loosing the capability to manage your IGEL endpoints in this scenario. If you don’t want to invest in ICG you could do VPN or even place UMS in the DMZ (I wouldn’t recommend this).

We’re going to do ICG, but the timeframe likely won’t work. We need something up like… now.

We’re definitely not putting UMS in the DMZ. We have Cisco AnyConnect, and if there was a way to integrate that, it may help. I think IGEL pulled that long ago, though.

ask support – afaik it’s available as a custom partition

@member I think the openconnect client works with AnyConnect

@member Thanks, I got the bits and have it imported into my UMS now. Any chance you’ve got more detailed config notes on what should really be entered in the parameters?

Unfortunately I don’t have an AnyConnect VPN to connect to anymore as we switched off it earlier this year

But there are details in the KB

Loolks like registry keys are used to configured it

Yeah, those options are definitely different than the AnyConnect options I see in this custom profile. This option likely makes the least sense, I would think.

I am not sure what custom profile you are talking about?

Sorry, I reached out to my IGEL rep and he sent me the AnyConnect custom partition profile that I guess somebody at IGEL created long ago.

It’s the config that Rene mentioned earlier in this thread.,

I had good success with the openconnect client on Linux. It was typically more stable than the Anyconnect client once it was configured

FYI: Going back to your first point @member, you could use Firefox to go through the Netscaler or you could also configure Storefront to integrate with the local Desktop.

That’s what I’m going to be testing today. The biggest issue I see now is how to provision new hardware if we’re all working from home, with no ICG configured.

Browser -> NetScaler worked nicely. Now to solve the provisioning issue.

Somewhat off-topic, is there a doc listing the base permissions required in Access Control for provisioning (register device, move between directories, reboot, etc.)?

There isn’t an official doc. But you would need to allow Browse/Read/Move on the directories to and give the account the rights to scan for devices to register/move devices.

After that, the ACL for Device Directories is pretty stright-forward, just check the boxes for the actions you want the users to have access to.

Continue reading and comment on the thread ‘How to handle increased work from home using IGEL thin clients over ICG? ‘.  Not a member? Join Here!

Learn more, search the IGEL Knowledge Base

Ask a question or comment on the above message thread?

Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.

Submit a question, or Join Today!

Popular Message Threads

Categories & Tags: