Is it possible to set up an ICG HA with an external load balancer such as Citrix Netscaler? if yes, How? We use Shared workplace and need as possible 100% availability
I believe ICG does not allow kb.igel.com/igelicg-2.05/en/using-citrix-netscaler-adc-as-an-ssl-bridge-for-icg-57324582.html any such load balancing appliances to be used.
However you can setup multiple ICG servers, and use public “round robin DNS” as a primitive load balancing method.
I think the general guidance is 1 ICG server for ~2000 concurrently connected devices.
Sounds like HA UMS is also a requirement for your workload as well.
Correct!! ICG is only one part of the answer, and UMS w. external LB isn’t officially supported either atm. BUT this is subject to change asap!
Yes, we have UMS HA installed. So there is currently no support for ICG HA? and how do i setup an high availability for shared workplace outsoide of my campus lan? Round Robin is not possible because of the authentication with shared Workplace
You can do it with a netscaler (works absolutely well) but it isn’t supported atm.
ok, with an ssl bridge?
@member see…you made a liar out of me! 🙃
well, let me say. it works…currently…
The IGEL rmagent has HA builtin for these communications. When a device is registered it will grab a list of all ICG’s (and UMS servers) in the enterprise, and will fallback if required. If a new one is added, the device will add that to the list during the next configuration update / check-in.
That being said, for OS 12, there is work being done on the IGEL Unified Protocol that should support load balances with a single external IP / Address, but it’s not quite ready yet.
When I use Round-Robin and this ICG is currently not available, the Rmagent does not receive any other ICGs.
Has no one asked or requested it yet?
2000 TC over one (1) ICG? O_o sound like someone like to be whipped 😄
You can have multiple ICG’s, just not behind a single IP / Address
Do you have an external address for all ICGs?
How do you mean Round-Robin doesn’t work? You have a public DNS record pointing to all your ICG?
:thinking_face:
When I use Round-Robin and this ICG is currently not available, the Rmagent does not receive any other ICGs. Sorry i forgot: In the registration phase. The Client doesnt know all the other things.
But then i can use Email regristation… Sounds like a plan.
During registration are you using the Round-robin public DNS name? Or individual ICG server name? I see units bouncing around from ICG to ICG, so this approach does work.
External LB(Netscaler) is supported with COSMOS
with no SSL offloading*
Continue reading and comment on the thread ‘IGEL Cloud Gateway High Availabiliyt with an external load balancer such as Citrix Netscaler’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!