Clavister (Classic) SSL VPN vs OneConnect (OpenConnect based) SSL VPN

Last modified on 13 Jul, 2021. Revision 27

With the introduction of the OneConnect specific server in 13.00.09 there could be a bit of a confusion what is supported by each protocol.

Below is a table describing the differences between the two available SSL VPN Servers in Clavister NetWall.

	OneConnect Server	SSL VPN Server
Protocol Features
TLS (TCP) Support	Yes	Yes
DTLS (UDP) Support	Yes	No
Protocol	OpenConnect	Clavister Proprietary
Outer Transport Protocol	UDP, TCP	TCP
Outer IP Protocol	IPv4, IPv6	IPv4
Inner IP Protocol	IPv4	IPv4
Routing Features
Split Tunneling Support	Yes	Yes (Windows client) / No (macOS Client)
Split Tunneling Configuration	Dynamically configured on the client by NetWall on every connection attempt, fully transparent for the user.	Statically configured in SSL VPN configuration file downloadable from NetWall SSL VPN Portal. Any changes require the end user to re-download and re-apply the configuration file.
Number of Routes	32	5
Largest Subnet	No limitation	/24
Client Support
Support for 3rd Party Clients	Yes	No
Supported Clavister Clients	From OneConnect 3.0 for macOS, iOS, iPadOS and for Windows	Up to OneConnect Classic SSL VPN 2.0 for Windows and OneConnect Classic 2.0 for macOS
NetWall firmware versions
Supported from	cOS Core 13.00.09	CorePlus 9.20.00

Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core

Configure the OpenConnect-GUI client towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect macos windows linux core

Related articles