What is OpenConnect?
OpenConnect is both a protocol and open source project for creating SSL VPN clients that are compatible with multiple types of remote SSL VPN servers. Such clients are compatible with the Clavister OneConnect Interface feature in Clavister cOS Core. More details about the protocol can be found at http://www.infradead.org/openconnect/. This guide covers how to connect using the CLI client included in the OpenConnect project.
Installing the OpenConnect client
Install OpenConnect according to whether Linux or Unix is being used. Pre-compiled binaries are available for Debian, Ubuntu, Fedora. For other operating systems like NetBSD, FreeBSD and Solaris, it can be compiled from the source code or using NetBSD pkgsrc.
Connecting using the OpenConnect client
Connect to Clavister NetWall by typing openconnect https://hostname in a shell.
Note: The hostname entered must be the same as either the Common Name (CN) or one of the Subject Alternative Name (SAN) of the certificate used by the OneConnect interface in cOS Core.
root@linux:~# openconnect https://myvpn.mydomain.tld POST https://myvpn.mydomain.tld Connected to 192.0.2.10:443 SSL negotiation with myvpn.mydomain.tld Server certificate verify failed: signer not found Certificate from VPN server "myvpn.mydomain.tld" failed verification. Reason: signer not found To trust this server in future, perhaps add this to your command line: --servercert pin-sha256:PUNgII37RWw2NGMqumSkqDAfQBPPKaIUuVJYT8FneeY= Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on myvpn.mydomain.tld XML POST enabled Please enter your username Username:user POST https://myvpn.mydomain.tld/auth Please enter your password Password: POST https://myvpn.mydomain.tld/auth Got CONNECT response: HTTP/1.1 200 CONNECTED CSTP connected. DPD 30, Keepalive 32400 Connected as 172.28.1.200, using SSL, with DTLS in progress Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-128-GCM).
11 Jan, 2023 ipsec core vpn
10 Mar, 2023 core vpn ikev2 windows radius certificate
28 Mar, 2023 ikev2 windows vpn routing splittunneling
23 Aug, 2022 core certificate oneconnect ipsec vpn
30 Mar, 2021 linux easyaccess
20 Feb, 2023 core vpn ipsec
29 Mar, 2023 ipsec core windows vpn l2tp
16 Sep, 2020 vpn ipsec ikev2 windows howto dh
14 Mar, 2023 core ipsec vpn ikev2 certificate
2 Dec, 2022 netwall ikev2 windows certificate vpn core
23 Aug, 2022 sslvpn openconnect oneconnect macos windows linux core