Clavister (Classic) SSL VPN vs OneConnect (OpenConnect based) SSL VPN

Last modified on 3 Jun, 2022. Revision 45
With the introduction of the OneConnect specific server in 13.00.09 there could be a bit of a confusion what is supported by each protocol.
Up to date for
cOS Core 14.00.04
Status OK
Author
Mattias Nordlund

Below is a table describing the differences between the two available SSL VPN Servers in Clavister NetWall.


OneConnect ServerSSL VPN Server
Protocol Features 
TLS (TCP) SupportYesYes
DTLS (UDP) SupportYesNo
ProtocolOpenConnectClavister Proprietary
Outer Transport ProtocolUDP, TCPTCP
Outer IP ProtocolIPv4, IPv6IPv4
Inner IP ProtocolIPv4IPv4
Routing Features
Split Tunneling SupportYesYes (Windows client) / No (macOS Client)
Split Tunneling ConfigurationDynamically configured on the client by NetWall on every connection attempt, fully transparent for the user.Statically configured in SSL VPN configuration file downloadable from NetWall SSL VPN Portal. Any changes require the end user to re-download and re-apply the configuration file.
Number of Routes325
Largest SubnetNo limitation/24
Client Support
Support for 3rd Party ClientsYesNo
Clavister Client Versions
  • OneConnect 3.0 or later
  • Up to OneConnect Classic SSL VPN 2.x for Windows
  • Up to OneConnect Classic 2.x for macOS
Operating Systems Supported by Clavister Clients
  • Android 9 or later
  • iOS 14.1 or later
  • iPadOS 14.1 or later
  • macOS 11.00 (Big Sur) or later
  • Windows 10 or later
  • macOS 10.12 (Sierra) or later
  • Windows 7, 8 and 10
Support for Deep LinksYes, for easy deployment of configuration profilesNo
Support for DNS search suffixesYesNo
Support for URL redirect after connection (SSO Portal from EasyAccess)YesYes
Support for HTTP proxy settingsYes, using Auto Proxy URL to WPAD file.No
Support for VPN on Demand Rules on macOS/iOS/iPadOSYes, per profile, power user setting enabled in PreferencesNo
NetWall Firmware Versions
Supported FromcOS Core 13.00.09CorePlus 9.20.00

Related articles

Configure Clavister OneConnect using deep links
13 Jun, 2022 oneconnect macos ios windows android
How to - Configure your On-Prem firewall to work with the Passwordless VPN SASE service
19 Apr, 2022 oneconnect sase
Configure Clavister OneConnect for macOS, iOS and iPadOS towards NetWall
29 Oct, 2021 sslvpn openconnect oneconnect macos ios netwall
Configuring public certificates in NetWall firewalls
23 Aug, 2022 core certificate oneconnect ipsec vpn
Configure the Android OpenConnect client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect android core
Configure Clavister OneConnect for Windows towards Clavister NetWall
29 Oct, 2021 sslvpn openconnect oneconnect windows
Lets Encrypt - error 9814 - chain had an expired certs
13 Oct, 2021 oneconnect macos openconnect ios
Certificate problem using SSL VPN together with MacOS version 11.1 and up
2 Feb, 2021 core sslvpn macos certificate
Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core
Configuring SSL-VPN / OneConnect server on secondary Firewall IP address
8 Apr, 2021 core sslvpn oneconnect interfaces arp
OneConnect VPN certificate not trusted
22 Aug, 2022 onetouch sslvpn oneconnect
Install OneConnect without Microsoft store
25 Feb, 2022 oneconnect windows howto
How do i set up a OneConnect VPN tunnel in cOS core
23 Aug, 2022 core oneconnect
Using Clavister OneConnect Classic SSL VPN client towards the OneConnect server
29 Jun, 2021 core oneconnect
Clavister OneConnect server using cOS Core as CA Server
14 Sep, 2022 oneconnect certificate howto
Configure Clavister OneConnect for Android and ChromeOS towards NetWall
8 Jun, 2022 openconnect oneconnect android
Configure the OpenConnect-GUI client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect macos windows linux core



Tagsoneconnectopenconnectsslvpn