How do i set up a OneConnect VPN tunnel in cOS core

Last modified on 10 Mar, 2021. Revision 11
How to set up a OneConnect from cOs core with and without split tunnel
Up to date for
Core 13.00.09
Supported since
Core 13.00.09
Status OK
Author
Stefan Lindkvist

Question:

How do i set up a OneConnect VPN tunnel in cOS core?

Answer:

To create a OneConnect VPN we need to go in under Network > Interface and VPN > OneConnect and then press the add button and select OneConnect Interface.


Once the interface window opens up then you need to fill in information on the tunnel.


Once this setting is set up we can press OK and save the VPN. We can now to connect with the OneConnect client version 3 or higher or a 3rd party client such as OpenConnect.

If you are using a version 2.02.01 or older you need to run a SSL VPN instead. Information on how to set that up can be found in chapter 10 in the administration guide.


How to set up a split tunnel

If we want to split the tunnel so not all of the clients traffic goes over the VPN we can do like this.

First we need to create the objects in the address book. These objects will be the IP addresses and ranges that the clients can reach over the VPN once a connection has been established. To do this go under object > Address Book and press Add. The objects need to be specific IPv4 addresses, networks or address ranges.


Once we have created the objects we go back to the OneConnect interface we created and scroll down to the Client route option.


Here we now select Custom instead of default All-Nets and include the objects we created.

Once we have added the right routes in we press OK and deploy. Now we have set up a split tunnel.


More information regarding OneConnect setup and example can be found in the Administration guide for cOS core version 13.00.09 released 23/2 2021


Related articles

Configure OneConnect V.3 for macOS, iOS and iPadOS towards NetWall
9 Aug, 2021 sslvpn openconnect oneconnect macos ios netwall
Configure the Android OpenConnect client towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect android core
Configure Clavister OneConnect 3 for Windows towards Clavister NetWall
7 Jul, 2021 sslvpn openconnect oneconnect windows
Lets Encrypt - error 9814 - chain had an expired certs
13 Oct, 2021 oneconnect macos openconnect ios
Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core
Configuring SSL-VPN / OneConnect server on secondary Firewall IP address
8 Apr, 2021 core sslvpn oneconnect interfaces arp
OneConnect VPN certificate not trusted
12 Oct, 2021 oneconnect sslvpn
Configure the OpenConnect-GUI client towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect macos windows linux core