To communicate with the UMS, the devices initiate a TCP connection to the ICG.

To communicate with the devices, the UMS initiates a TCP connection to the ICG.

The default port on which the ICG is listening is port 8443. It can be changed during the installation of the ICG. With ICG 2.02 or higher, a privileged port can be used, e.g. port 443. When the installation is completed, the port is fixed.

With ICG version 2.x or 12.01.x and UMS version 6.x or 12.01.x, it is not possible to inspect the TLS traffic between any of the components. The inspection would break TLS and interrupt communication between the products.

As of UMS version 12.02, you can inspect the TLS traffic, see IGEL UMS Configuration for the External Load Balancer / Reverse Proxy: Example for NGINX with SSL Offloading.

Direct Connection

The following figure illustrates the communication between the devices (thin clients) and the UMS via ICG:

Via Proxy

The following figure illustrates the communication between the devices (thin clients) and the UMS via ICG and a proxy: