OpenConnect
OpenConnect is a free and open-source cross-platform multi-protocol virtual private network client software which implement secure point-to-point connections.
The OpenConnect client supports the following VPN protocols:
- Cisco AnyConnect
- Juniper Secure Connect
- Palo Alto Networks GlobalProtect
- Ivanti/Pulse Connect Secure
- F5 BIG-IP and
- Fortinet FortiGate and
- Array Networks AG SSL VPN
, support for several other proprietary VPN protocols is desired or in development:
- SonicWall NetExtender VPN support
- Check Point SNX VPN support
- H3C VPN support
- Barracuda CloudGen Firewall VPN support
- Huawei VPN support
Architecture
The OpenConnect client is written primarily in C, and it contains much of the infrastructure necessary to add additional VPN protocols operating in a similar flow, and to connect to them via a common user interface:- Initial connection to the VPN server via TLS
- Authentication phase via HTTPS
- Server-provided routing configuration, in a protocol-agnostic format, which can be processed by a
- Data transport phase via a UDP-based tunnel, with fallback to a TLS-based tunnel
- * Built-in event loop to handle Dead Peer Detection, keepalive, rekeying, etc.
Platforms
OpenConnect is available on Solaris, Linux, OpenBSD, FreeBSD, MacOS, and has graphical user interface clients for Windows, GNOME, and KDE. A graphical client for OpenConnect is also available for Android devices,and it has been integrated into router firmware packages such as OpenWrt.
OpenConnect VPN graphical client
The OpenConnect project provide clients for Windows and macOS.Server
The OpenConnect project also offers an Cisco AnyConnect-compatible server, ocserv, and thus offers a full client-server VPN solution.OpenConnect and ocserv now implement an extended version of the Cisco AnyConnect VPN protocol, which has been proposed as an Internet Standard. Both OpenConnect and ocserv strive to maintain backwards-compatibility with Cisco AnyConnect servers and clients.