openconnect server-side

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Thu Feb 7 12:49:15 EST 2013


Hello,
 I've put together a currently experimental server [0] that is
interoperable with the openconnect client.
My goals for that server is:
1. to make it fully functional, i.e., at least handle all the use cases
that openconnect is used for.

2. optimize as much as possible, while enforcing an isolation mechanism
between clients and the authentication process

3. [longer term] To support in addition to the custom cisco DTLS
negotiation protocol, a standard's compliant DTLS mode (e.g. with PSK
ciphersuites).

Currently the basic stuff (should) work, i.e., connecting using TLS and
DTLS and tunnel establishment. I don't know whether real world VPN
use-cases are handled though. Is there anyone interested in that?

regards,
Nikos

[0]. http://git.infradead.org/ocserv.git



More information about the openconnect-devel mailing list