This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
karthikrajaraj
Explorer
‎2023-02-28 04:20 AM

Checkpoint harmony connect start before logon

We are evaluating  harmony connect to connect remote users and azure cloud. We are having an Active directory server in Azure cloud. We are able to connect azure resources and connect the remote user to ad successfully through harmony connect network access. 

After the AD connection users are unable to use AD credentials as the harmony connect does not start before logon. 

Is this feasible with harmony connect or any work around available to achieve this?

 

Thanks

Karthik

0 Kudos
7 Replies
odedm
Employee
Employee
‎2023-02-28 08:22 AM

Hi Karthik,
Harmony Connect Agent need to identify the current signed in user therefore it does not seem to be feasible to connect before sign in. 
Please contact me directly to elaborate on this need.
Thanks,
Oded

karthikrajaraj
Explorer
‎2023-02-28 08:40 PM
In response to odedm

Yes. I understand. I am trying one work around for this problem. I will let you know if it works.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-02-28 11:14 AM

I know with our regular VPN client, this is possible using Machine Certificate Authentication.
See: https://community.checkpoint.com/t5/Remote-Access-VPN/How-to-Have-Remote-Access-VPN-Tunnel-Before-Us... 

0 Kudos
anstelios
Collaborator
‎2023-04-17 07:27 AM
In response to PhoneBoy

So is machine certificate authentication an option for Harmony Connect?

I strongly believe there should be an option for pre-logon connectivity on Harmony Connect.

0 Kudos
odedm
Employee
Employee
‎2023-04-17 08:12 AM
In response to anstelios

Harmony Connect needs to identify the logged in user (not the machine).
Theoretically, multiple end users can share the same bare metal machine.
In such case, each end user should be identified, they even can be associated with different accounts in Harmony Connect.
Each identified user can be member of different AD groups (different access rules)

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-02-28 02:06 PM

So to clarify you aren't using Azure AD as your IDP but normal AD hosted in Azure, is ADFS used here?

CCSM R77/R80/ELITE
0 Kudos
karthikrajaraj
Explorer
‎2023-02-28 08:38 PM
In response to Chris_Atkinson

Yes. We are using normal AD since we need to configure group policy for end user computers. 

0 Kudos
Trending Discussions
No VPN license
Upcoming Events

    CheckMates Events