On Thu, 2014-06-19 at 15:08 -0400, Paul Wouters wrote:
openconnect is for Cisco SSL clients - not something people will want
to deploy unless they run Cisco (and then they should still prefer IPsec)
Not any more. Openconnect is available both as client and server in
Fedora. It is compatible with CISCO servers (and clients respectively),
but there is no requirement whatsoever to use them.
openvpn is a nice alternative (although IMHO, mostly to avoid
IPsec/IKE firewall rules. The often claimed "easier to setup" is simply not
true)
The same is true for openconnect, and it is based on TLS and Datagram
TLS instead of a custom protocol.
regards,
Nikos