OpenConnect

OpenConnect
OpenConnect
Original author	David Woodhouse
Developers	Daniel Lenski, Nikos Mavrogiannopoulos
Initial release	March 18, 2009
Stable release	9.12 / May 20, 2023; 3 years ago
Repository	{{URL\|example.com\|optional display text}}Lua error in Module:EditAtWikidata at line 29: attempt to index field 'wikibase' (a nil value).;
Engine	Lua error in Module:EditAtWikidata at line 29: attempt to index field 'wikibase' (a nil value).
Type	VPN
License	GNU LGPL v2.1
Website	www.infradead.org/openconnect/

Lua error in mw.title.lua at line 392: bad argument #2 to 'title.new' (unrecognized namespace name 'Portal'). OpenConnect is a free and open-source cross-platform multi-protocol virtual private network (VPN) client software which implement secure point-to-point connections.

The OpenConnect client supports the following VPN protocols:

Cisco AnyConnect
Juniper Secure Connect (since 7.05)^[3]
Palo Alto Networks GlobalProtect (since 8.00)^[4]
Ivanti/Pulse Connect Secure (since 8.04)^[5]
F5 BIG-IP and
Fortinet FortiGate and
Array Networks AG SSL VPN (since 8.20)^[6]

It was originally written as an open-source replacement for Cisco's proprietary AnyConnect SSL VPN client,^[7] which is supported by several Cisco routers.

As of July 2023^[update], support for several other proprietary VPN protocols is desired or in development:

SonicWall NetExtender VPN support^[8]
Check Point SNX VPN support^[9]
H3C VPN support^[10]
Barracuda CloudGen Firewall VPN support^[11]
Huawei VPN support^[12]

Architecture

The OpenConnect client is written primarily in C, and it contains much of the infrastructure necessary to add additional VPN protocols operating in a similar flow, and to connect to them via a common user interface:^[13]

Initial connection to the VPN server via TLS
Authentication phase via HTTPS (using HTML forms, client certificates, XML, etc.)
Server-provided routing configuration, in a protocol-agnostic format, which can be processed by a vpnc-script
Data transport phase via a UDP-based tunnel (DTLS or ESP), with fallback to a TLS-based tunnel
- Built-in event loop to handle Dead Peer Detection, keepalive, rekeying, etc.

OpenConnect can be built to use either the GnuTLS or OpenSSL libraries for TLS, DTLS and cryptographic primitives.

Platforms

OpenConnect is available on Solaris, Linux, OpenBSD, FreeBSD, MacOS, and has graphical user interface clients for Windows,^[14] GNOME,^[15] and KDE.^[16] A graphical client for OpenConnect is also available for Android devices,^[17] and it has been integrated into router firmware packages such as OpenWrt.^[18]

OpenConnect VPN graphical client

The OpenConnect project provide clients for Windows^[19] and macOS^{[citation needed]}.

Server

The OpenConnect project also offers an Cisco AnyConnect-compatible server, ocserv,^[20] and thus offers a full client-server VPN solution.

OpenConnect and ocserv now implement an extended version of the Cisco AnyConnect VPN protocol, which has been proposed as an Internet Standard.^[21] Both OpenConnect and ocserv strive to maintain backwards-compatibility with Cisco AnyConnect servers and clients.

Notable uses

OpenConnect's implementation of the Cisco AnyConnect protocol is sufficiently complete, such that some of Cisco's own IP phone devices embed a very old release of OpenConnect^[22] in order to connect to Cisco SSL VPNs.^[23]^[24]

References

^ ^a ^b infradead.org - OpenConnect: Changelog.
^ gitlab.com - OpenConnect: License.
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ OpenConnect VPN Server.
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

External links

[infradead:changelog-1] radead.org - OpenConnect: Changelog.

[gitlab:copying-2] tlab.com - OpenConnect: License.

[3] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[4] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[5] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[6] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[7] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[8] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[9] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[10] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[11] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[12] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[damapdx-13] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[14] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[15] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[16] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[17] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[18] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[19] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[20] OpenConnect VPN Server.

[nmav_ietf_draft-21] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[22] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[23] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[24] Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

[24]

OpenConnect

Contents

Architecture

Platforms

OpenConnect VPN graphical client

Server

Notable uses

References

External links

Navigation menu

OpenConnect

Architecture

Platforms

OpenConnect VPN graphical client

Server

Notable uses

References

External links

Navigation menu

Search