Clavister (Classic) SSL VPN vs OneConnect (OpenConnect based) SSL VPN

Last modified on 13 Jul, 2021. Revision 27
With the introduction of the OneConnect specific server in 13.00.09 there could be a bit of a confusion what is supported by each protocol.
Up to date for
cOS Core 13.00.09
Status OK
Mattias Nordlund

Below is a table describing the differences between the two available SSL VPN Servers in Clavister NetWall.

OneConnect ServerSSL VPN Server
Protocol Features 
TLS (TCP) SupportYesYes
DTLS (UDP) SupportYesNo
ProtocolOpenConnectClavister Proprietary
Outer Transport ProtocolUDP, TCPTCP
Outer IP ProtocolIPv4, IPv6IPv4
Inner IP ProtocolIPv4IPv4
Routing Features
Split Tunneling SupportYesYes (Windows client) / No (macOS Client)
Split Tunneling ConfigurationDynamically configured on the client  by NetWall on every connection attempt, fully transparent for the user.Statically configured in SSL VPN configuration file downloadable from NetWall SSL VPN Portal. Any changes require the end user to re-download and re-apply the configuration file.
Number of Routes325
Largest SubnetNo limitation/24
Client Support
Support for 3rd Party ClientsYesNo
Supported Clavister Clients From OneConnect 3.0 for macOS, iOS, iPadOS and for WindowsUp to OneConnect Classic SSL VPN 2.0 for Windows and OneConnect Classic 2.0 for macOS
NetWall firmware versions
Supported fromcOS Core 13.00.09CorePlus 9.20.00

Related articles

Configure OneConnect V.3 for macOS, iOS and iPadOS towards NetWall
9 Aug, 2021 sslvpn openconnect oneconnect macos ios netwall
Configure the Android OpenConnect client towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect android core
Configure Clavister OneConnect 3 for Windows towards Clavister NetWall
7 Jul, 2021 sslvpn openconnect oneconnect windows
Lets Encrypt - error 9814 - chain had an expired certs
13 Oct, 2021 oneconnect macos openconnect ios
Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core
Configuring SSL-VPN / OneConnect server on secondary Firewall IP address
8 Apr, 2021 core sslvpn oneconnect interfaces arp
OneConnect VPN certificate not trusted
12 Oct, 2021 oneconnect sslvpn
Configure the OpenConnect-GUI client towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect macos windows linux core