OpenVPN is a popular protocol that has been adopted by many solutions and software vendors across the globe. If you are using an Operating System that is not supported by our agent (List of supported OS), or perhaps you need to create a specific connection to a single machine or you are not able to use the Harmony SASE client- you can utilize our OpenVPN tunnel feature to create a direct connection to your Harmony SASE network.
The OpenVPN tunnel is not attached to a Harmony SASE user and does not offer any of the advanced security capabilities that the agent does such as Split Tunneling, DNS Filtering, Configuration Profiles, Firewall, Activity, SWG, DPC, and Single Sign-On.
We'll need to make sure that we have the help of a Harmony SASE administrator in order to create the tunnel.
Navigate to Networks -> Networks on the left side of your Harmony SASE portal
Click on the ellipses next to the gateway and select Add Tunnel
Select OpenVPN Tunnel
Add a name for the tunnel. You will also see an Access Key ID and a Secret Access Key.
These credentials only appear at the point of creating the tunnel. Save these credentials as you'll need this for any future connection.
After clicking "Apply", these credentials will be encrypted and will not work anymore so make sure to copy them before applying the change.
You can always re-generate these credentials if they have been lost.
Click on the ellipses next to the newly created OpenVPN tunnel and select Configuration
You'll see a command which can be executed via terminal. If you're using macOS or Linux, the command will work as-is and it will download a file with the name "openvpn-config.ovpn"
To download the file on Windows, or any other Operating system that doesn't have a Command-Line Input function, copy the line starting from "https" and until the word "download".
Open the link in a new window to download the configuration file.
Download Tunnelblick VPN client - https://tunnelblick.net/. The VPN client choice is up to you, but we recommend Tunnelblick for simplicity.
Drag and drop the openvpn-config.ovpn file into the client to add the configuration:
Connect to the VPN. Use the Access ID and Secret Key as the username and password