Contents x
    OpenVPN Tunnel
    • 16 Feb 2024
    • 2 Minutes to read
    • Contributors
      Contents

      OpenVPN Tunnel

      • Updated on 16 Feb 2024
      • 2 Minutes to read
      • Contributors
        Article Summary

        OpenVPN is a popular protocol that has been adopted by many solutions and software vendors across the globe. If you are using an Operating System that is not supported by our agent (List of supported OS), or perhaps you need to create a specific connection to a single machine or you are not able to use the Harmony SASE client- you can utilize our OpenVPN tunnel feature to create a direct connection to your Harmony SASE network.

        Warning
        The OpenVPN tunnel is not attached to a Harmony SASE user and does not offer any of the advanced security capabilities that the agent does such as Split Tunneling, DNS Filtering, Configuration Profiles, Firewall, Activity, SWG, DPC, and Single Sign-On.

        We'll need to make sure that we have the help of a Harmony SASE administrator in order to create the tunnel.

        Navigate to Networks -> Networks on the left side of your Harmony SASE portal

        Click on the ellipses next to the gateway and select Add Tunnel

        image.png

        Select OpenVPN Tunnel

        image.png

        Add a name for the tunnel. You will also see an Access Key ID and a Secret Access Key.

        CREDENTIALS
        • These credentials only appear at the point of creating the tunnel. Save these credentials as you'll need this for any future connection.
        • After clicking "Apply", these credentials will be encrypted and will not work anymore so make sure to copy them before applying the change.
        • You can always re-generate these credentials if they have been lost.

        image.png


        Click on the ellipses next to the newly created OpenVPN tunnel and select Configuration

        image.png

        You'll see a command which can be executed via terminal.
        If you're using macOS or Linux, the command will work as-is and it will download a file with the name "openvpn-config.ovpn"

        image.png

        Non-CLI-Supported OS     
        To download the file on Windows, or any other Operating system that doesn't have a Command-Line Input function, copy the line starting from "https" and until the word "download".

        Open the link in a new window to download the configuration file.

        MacOS

        Download Tunnelblick VPN client - https://tunnelblick.net/. The VPN client choice is up to you, but we recommend Tunnelblick for simplicity.

        Drag and drop the openvpn-config.ovpn file into the client to add the configuration:

        image.png

        Connect to the VPN. Use the Access ID and Secret Key as the username and password

        image.png


        Windows

        Download and install the OpenVPN Client https://openvpn.net/community-downloads/
        Click on the OpenVPN icon

        Select "Import" -> Import file...


        Select the downloaded file "saferx-openvpn-client.ovpn"

        Once the file has been imported, right-click on the OpenVPN client and then click "Connect"

        Now enter the Credentials that you copied previously and click OK

        • Client Access ID = Username
        • Client Access Key = Password
        • Note that if the Client Access Key started with "$6$perimeter81$" it has already been encrypted and you would need to re-generate your credentials

        Was this article helpful?
        What's Next