Adding Users

You can add new users either through an Identity Provider or manually (local).

Harmony Connect supports up to 50 local users for Internet Access and Network Access (both inclusive) and up to 50 local users for Application Access.

Best Practice - Check Point recommends to add users through an Identity Provider. For more information, see sk173623. Local users should be added for either evaluation or temporary users, such as contractors.

Prerequisite

If the endpoint's firewall policy is configured to block some or all outgoing traffic, then you must add these outbound rules to the firewall application (for example, Microsoft Firewall Defender) to allow the Harmony Connect Agent to communicate with Check Point cloudClosed An administrator approved Harmony Connect cloud location that processes the internet and corporate traffic..

For Windows-based PCs

Rule Name

Action

Program

Port

Check_Point_Harmony_UDP Allow %Program Files%\CheckPoint\Harmony Connect\resources\tools\openvpn\openvpn.exe UDP 1194
Check_Point_Harmony_TCP Allow %Program Files%\CheckPoint\Harmony Connect\resources\tools\stunnel\bin\stunnel.exe TCP 443
Check_Point_Harmony_Connect Allow %Program Files%\CheckPoint\Harmony Connect\Harmony Connect.exe -
Check_Point_Harmony_Windows_Service Allow %Program Files%\CheckPoint\Harmony Connect\roaming_service\RoamingWindowsService.exe -

The first two rules allow traffic to OpenVpn and the last two rules allow traffic to Check Point's backend services.

For macOS-based PCs

Rule Name

Action

Program

Port

OpenVpn

Allow

openvpn

UDP 1194

Stunnel

Allow

Stunnel

UDP 1193

TCP 443