Good day everyone hope you’re doing well may i ask a question regarding UMS and OBS on Cosmos? I’ve setup UMS and Cosmos and OBS as described on the KB. I’m getting error 37 after logging in which indicates some Certificate issues. the thing is that confuses me anyways while following the instruction is. if they talk about host name and IP do they mean public ip where the UMS is reacheble or does the UMS just need to be connected to the internet?
Send a screenshot where ask for host name and IP to confirm, but you need to link UMS to IGEL Customer Portal and IdP like Azure:
kb.igel.com/howtocosmos/en/how-to-start-with-igel-cosmos-77865726.html
If you have access from remote devices to your UMS (i.e. your own VPN), you can use One-time password method for registration:
kb.igel.com/howtocosmos/en/onboarding-igel-os-12-devices-77865898.html
Other FAQs:
igel-community.github.io/IGEL-Docs-v02/Docs/HOWTO-COSMOS/
Thanks for getting back on me the thing confused me the most while following the KB was that it didn’t mentioned that it should be an external ip and external host . i found that super odd during the setup 😄 and when reading trough the marketing white papers and even in the call with the sales and techies they said ICG is not neccesary that cosmos does this now i think i misunderstood what the purpose of Cosmos is.
need to register a public ip install icg i guess and register this then in cosmos with the right certificates
You have several options:
• If you have no direct access to your UMS from remote devices, but have an Azure account, you can use OBS method.
• If you have no direct acces, VPN or Azure, you can use ICG 12.
• If you have direct access via VPN/Routing/VLAN/UMS on Cloud, you can use OTP method
my setup looks like this i followed the getting started guide
my clients have no direct access to ums
need to clarify maybe i’m not sure about the connection between cosmos and my ums
beacuse all i did in the end under IGEL OS Onboarding Registration on the cosmops web portal was the itnernal IP and the Certificate chain.
If you have no direct access to your UMS from remote devices, you need an IdP (Identity provider) like Azure to use OBS:
kb.igel.com/howtocosmos/en/initial-configuration-of-the-igel-onboarding-service-obs-77865754.html
If you have no IdP or VPN, you need to use ICG12:
kb.igel.com/igelicg-12.02/en/igel-cloud-gateway-icg-90238150.html
Remember that ICG is used only for UMS management and you cannot connect to your servers with ICG (Citrix, Horizon, etc.). You cannot load files bigger than about 5 Mb, like firmwares, directly to remote devices and you need to use an external Web/FTP server.
i did all ethe steps you mentioned on kb.igel.com/howtocosmos/en/initial-configuration-of-the-igel-onboarding-service-obs-77865754.html
i created an azure app and registered the idp
when i try to log in on my thinclient i cet asked to login via user password and MFA and after that i get error 37
Then, you are on the same situation than one of my customers and waiting for IGEL solution with a support ticket.
It seems that is clearly a certificates issue, but we are investigating. Be sure that your certificates have all same RSA bits.
You can create another case to try to speed up a solution. 😉
did you use your internal IP or did you create a portworwarding, nat waf froma external ip and added that under the web certificates ?
wrote the keyaccount gentlemen maybe he can forward it to the right place
From this link
igel-community.github.io/IGEL-Docs-v02/Docs/HOWTO-COSMOS/#faq-icg-12
Q: Is ICG 12 needed with UMS 12 for OS 12 devices not on the same network as the UMS 12?
A: That depends on if your security team will allow UMS 12 on port 8443 to be opened to the Internet or connected to internet via load balancer with SSL pass through (such as F5 / NetScaler / Azure Application Gateway with end to end SSL/TLS encryption and WebSocket support) that forwards encrypted SSL traffic to the UMS without decryption. If the above options cannot be met, an ICG 12 will be needed to support OS 12 devices. Similar sizing guidelines for ICG 12 (setting connection limit to 2K / 2.5K devices). See kb.igel.com/igelicg-12.02/en/igel-cloud-gateway-icg-90238150.html ICG 12 KB and kb.igel.com/endpointmgmt-12.02/en/igel-cloud-gateway-vs-reverse-proxy-for-the-communication-between-ums-12-and-igel-os-devices-90235862.html KB – IGEL Cloud Gateway vs. Reverse Proxy for the Communication between UMS 12 and IGEL OS Devices.
no offense and with all due respect but it doesnt answer my ansewer at all and i read that article 5 time trough:
simple question do i add here a public ip or hostname and a certificate or is the internal one enough
Sorry … Tried to help..
I would step back in spend the two hours taking the free IGEL ICP class.
FAQ – IGEL Education
Q: What are the training options for IGEL COSMOS?
A: Please enroll in www.igel.com/learn-and-connect/igel-education/ IGEL Academy for formal training courses on IGEL products geared towards beginners and experienced users alike.
thanks! will have a look at this
@member just solved it
for you to test: add public adress set a nat or WAF rule with Port 8443 to the internal generate a new certificate down load it from the network tab on the webconsole and apply it to cosmos OBS registration
and accept the eula of your licenses
Excellent – Thanks for the update.
Continue reading and comment on the thread ‘Issues during onboarding IGEL OS.’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!