Solution Use Cases

VPN Client Emulation

VPN Client Emulation - Cobham Wireless´ TeraVM statefully emulates leading SSL/IPsec VPN clients: Cisco AnyConnect, Juniper Junos Pulse and Network Connect and Fortinet FortiGate client.

Test With Real VPN Clients

TeraVM statefully emulates leading SSL/IPsec VPN clients: Cisco AnyConnect, Juniper Junos Pulse and Network Connect and Fortinet FortiGate client. Each emulated VPN client communicates directly with a corresponding VPN appliance (e.g. ASA 5585, SA 6500) as if it were a real or genuine client. From the VPN appliance's perspective it appears as if a real client is negotiating security parameters and passing along live application traffic. So if you want to emulate tens of thousands of VPN clients without actually instantiating that many real clients then TeraVM is the solution for you. A key benefit of Cobham's VPN client emulation is the ability to analyze performance on each and every VPN tunnel, plus analyze the performance of each of the applications running inside each and every VPN tunnel.

Emulating the leading VPN vendor clients


  • AnyConnect SSL VPN client (both ASA and IOS/ASR1k variants)
  • AnyConnect IPSec IKEv2 VPN client (both ASA and IOS/ASR1k variants)


  • FortiGate SSL/TLS client (includes certificate authentication)


  • Network Connect client (ESP/SSL, with Realm assignment)
  • Pulse client (with Realm assignment)

Understanding VPN Client Performance

Defining the correct balance of security policies for a VPN client is essential in ensuring network security and the ability to deliver a reasonable level of Quality of Experience for the tunnelled application. Testing secure sever gateway performance is not only dependent on the performance of the tunnel establishment, but also the ability to test application performance e.g. video, voice and data in the configured tunnels. In addition for users to debug application based issues they will require unencrypted packet captures.

Per Flow Enables Unqiue Applications Per Each and Every VPN Client

Cobham's stateful VPN clients are used to represent real-world scenarios where each VPN client is unique. In addition, Cobham's per flow architecture is used to enable emulation of a number of concurrent applications such as voice, video and data being encrypted in the tunnel.

Cobham Wireless´ VPN Emulation Use Case

A sample usage scenario is to emulate real IP Phones; establish connectivity with a Call Manager/firewall using TLS sessions and traverse RTP using SRTP. Cobham Wireless is used to emulate thousands of unique VPN clients, providing performance measurements in real time per; MAC, DHCP V6/V4 session establishment, individual TFTP registration with Call Manager, individual parsing of TFTP information per emulated VoIP end point model, SIP/TLS session, RTP/SRTP session with Call Manager.

Targeted Device Testing

Cobham Wireless is used extensively in testing performance of secure VPN appliance, enterprise call management devices, firewalls, IMS Session Border Controllers and layer 4-7 application scalability.