Configure the OpenConnect-GUI client towards Clavister NetWall

Last modified on 5 Mar, 2021. Revision 16
This is a quick start guide on how to configure and use the OpenConnect compatible OpenConnect-GUI client running under MacOS towards Clavister NetWall.
Up to date for
cOS Core 13.00.09
 
Supported since
cOS Core 13.00.09
Status OK
Author
Mattias Nordlund


What is OpenConnect-GUI?

OpenConnect-GUI is a third party client compatible with a OneConnect Interface in Clavister cOS Core. It can be found at https://openconnect.github.io/openconnect-gui/. OpenConnect-GUI can be downloaded as pre-compiled binaries for both Windows and macOS, as well as for Linux and other Unix-like operating systems it can be compiled from source or installed via the OS package manager. The MacOS interface is used an example below but Windows is configured similarly.

Configuring OpenConnect-GUI

Start OpenConnect-GUI. The example below shows the client running under macOS. Select the cogwheel and select New profile.

As Gateway enter the full url (for example https://myvpn.mydomain.tld) as configured in the OneConnect interface in cOS Core (hostname and server port if not 443) and click Save & Connect, Name is optional and will default to the same as Gateway if left blank.

Note: The hostname entered as Gateway must be the same as either the Common Name (CN) or one of the Subject Alternative Name (SAN) of the certificate used by the OneConnect Interface in cOS Core. 

On initial connection, a pop-up to verify server certificate will appear. Click Show Details… to verify certificate, if everything looks okay, click Accurate information to proceed with the connection attempt.

A pop-up to enter a username will be forwarded from cOS Core. If the connection is successful the username will be saved in the OpenConnect-GUI profile and will not be requested on subsequent connection attempts.

A separate pop-up for the password will be presented to the user.

The pad-lock in OpenConnect-GUI will turn green on a successful connection.

On the VPN Info tab, detailed information about the SSL VPN tunnel can be seen, such as assigned IP, ciphers in use and if DTLS is active. 

Related articles

Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core