Menu
Home Explore People Places Arts History Plants & Animals Science Life & Culture Technology
On this page
OpenConnect
Open-source VPN application
  • Free and open-source software portal

OpenConnect is a free and open-source cross-platform multi-protocol virtual private network (VPN) client software which implement secure point-to-point connections.

The OpenConnect client supports the following VPN protocols:

It was originally written as an open-source replacement for Cisco's proprietary AnyConnect SSL VPN client, which is supported by several Cisco routers.

As of July 2023, support for several other proprietary VPN protocols is desired or in development:

We don't have any images related to OpenConnect yet.
We don't have any YouTube videos related to OpenConnect yet.
We don't have any PDF documents related to OpenConnect yet.
We don't have any Books related to OpenConnect yet.
We don't have any archived web articles related to OpenConnect yet.

Architecture

The OpenConnect client is written primarily in C, and it contains much of the infrastructure necessary to add additional VPN protocols operating in a similar flow, and to connect to them via a common user interface:11

  • Initial connection to the VPN server via TLS
  • Authentication phase via HTTPS (using HTML forms, client certificates, XML, etc.)
  • Server-provided routing configuration, in a protocol-agnostic format, which can be processed by a vpnc-script
  • Data transport phase via a UDP-based tunnel (DTLS or ESP), with fallback to a TLS-based tunnel

OpenConnect can be built to use either the GnuTLS or OpenSSL libraries for TLS, DTLS and cryptographic primitives.

Platforms

OpenConnect is available on Solaris, Linux, OpenBSD, FreeBSD, MacOS, and has graphical user interface clients for Windows,12 GNOME,13 and KDE.14 A graphical client for OpenConnect is also available for Android devices,15 and it has been integrated into router firmware packages such as OpenWrt.16

OpenConnect VPN graphical client

The OpenConnect project provide clients for Windows17 and macOS.

Server

The OpenConnect project also offers an Cisco AnyConnect-compatible server, ocserv,18 and thus offers a full client-server VPN solution.

OpenConnect and ocserv now implement an extended version of the Cisco AnyConnect VPN protocol, which has been proposed as an Internet Standard.19 Both OpenConnect and ocserv strive to maintain backwards-compatibility with Cisco AnyConnect servers and clients.

Notable uses

OpenConnect's implementation of the Cisco AnyConnect protocol is sufficiently complete, such that some of Cisco's own IP phone devices embed a very old release of OpenConnect20 in order to connect to Cisco SSL VPNs.2122

References

  1. "OpenConnect 7.05 release". lists.infradead.org. 2015-03-10. Retrieved 2023-07-10. https://lists.infradead.org/pipermail/openconnect-devel/2015-March/002818.html

  2. "OpenConnect 8.00 release". lists.infradead.org. 2019-01-04. Archived from the original on 2020-06-09. https://web.archive.org/web/20200609161130/https://lists.infradead.org/pipermail/openconnect-devel/2019-January/005178.html

  3. "OpenConnect 8.04 release". lists.infradead.org. 2019-08-09. Retrieved 2023-07-10. https://www.infradead.org/openconnect/changelog.html

  4. "OpenConnect 8.20 release". lists.infradead.org. 2022-02-20. Retrieved 2023-07-10. https://lists.infradead.org/pipermail/openconnect-devel/2022-February/005089.html

  5. ""Development of OpenConnect was started after a trial of the Cisco client under Linux found it to have many deficiencies …"". Infradead.org. Retrieved 2018-08-13. https://www.infradead.org/openconnect/

  6. "Issues - Draft: SonicWall NetExtender support". https://gitlab.com/openconnect/openconnect/-/issues/143

  7. "Merge requests - Draft: CheckPoint SNX support". 5 June 2021. https://gitlab.com/openconnect/openconnect/-/merge_requests/207

  8. "Merge requests - Draft: Add H3C TLS VPN protocol". 23 July 2022. https://gitlab.com/openconnect/openconnect/-/merge_requests/397

  9. "Issues - Add support for Barracuda CloudGen Firewall". https://gitlab.com/openconnect/openconnect/-/issues/574

  10. "Issues - Huawei SSL VPN support". https://gitlab.com/openconnect/openconnect/-/issues/603

  11. Daniel Lenski (September 17, 2020). "How VPNs Work- The Ins and Outs". DAMA Portland. https://damapdx.org/2020/08/28/september-2020-openconnect/

  12. "OpenConnect graphical client". GitLab. Retrieved 2023-01-23. https://gitlab.com/openconnect/openconnect-gui

  13. "NetworkManager-openconnect". gnome.org. Retrieved 2020-01-27. https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/

  14. "NetworkManagement". kde.org. Retrieved 2014-10-28. https://userbase.kde.org/NetworkManagement

  15. "Android UI for OpenConnect VPN client". GitLab. Retrieved 2023-01-23. https://gitlab.com/openconnect/ics-openconnect

  16. "VPN Overview". openwrt.org. Retrieved 2018-03-15. https://openwrt.org/docs/guide-user/services/vpn/overview#openconnect-based_vpn_solutions

  17. "OpenConnect VPN graphical client". OpenConnect VPN graphical client. Retrieved 2024-10-16. https://gui.openconnect-vpn.net

  18. OpenConnect VPN Server. https://ocserv.gitlab.io/www/

  19. N. Mavrogiannopoulos (October 2020). The OpenConnect VPN Protocol Version 1.2. IETF. I-D draft-mavrogiannopoulos-openconnect-03. https://datatracker.ietf.org/doc/html/draft-mavrogiannopoulos-openconnect-03

  20. "ocserv issues #51". https://gitlab.com/openconnect/ocserv/-/issues/51#note_322138534

  21. Nikos Mavrogiannopoulos. "Recipe: VoIP network with ocserv". https://ocserv.gitlab.io/www/recipes-ocserv-ip-phone.html

  22. "Open Source License Notices for the SPA525G" (PDF). Cisco. https://www.cisco.com/c/dam/en/us/td/docs/general/warranty/osln_525g.pdf