OpenConnect's implementation of the AnyConnect protocol is sufficiently complete that some of Cisco's own IP phone devices embed a very old release of OpenConnect (rather than Cisco's own proprietary software) in order to be able to connect to Cisco SSL VPNs. The DTLS protocol used by Cisco AnyConnect servers was based on a non-standard, pre-release draft of DTLS 1.0, until support for the DTLS 1.2 standard was added in 2018.

Protocols

Cisco AnyConnect

Cisco AnyConnect VPNs utilize TLS to authenticate and configure routing, then DTLS to efficiently encrypt and transport the tunneled VPN traffic, and can fall back to TLS-based transport where firewalls block UDP-based traffic.
Both OpenConnect and ocserv strive to maintain backwards-compatibility with Cisco AnyConnect servers and clients. OpenConnect and ocserv now implement an extended version of the AnyConnect VPN protocol, which has been proposed as an Internet Standard.
As of 2013, the OpenConnect project also offers an AnyConnect-compatible server, ocserv, and thus offers a full client-server VPN solution.