diff --git a/tests/Makefile.am b/tests/Makefile.am index a74a55ad..1fa76f97 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -58,8 +58,8 @@ dist_check_SCRIPTS += test-iroute test-multi-cookie test-pass-script \ #other tests requiring nuttcp for traffic if ENABLE_NUTTCP_TESTS dist_check_SCRIPTS += traffic lz4-compression lzs-compression \ - aes256-cipher aes128-cipher aes256-gcm-cipher aes128-gcm-cipher \ - test-config-per-group + aes256-cipher aes128-cipher oc-aes256-gcm-cipher oc-aes128-gcm-cipher \ + test-config-per-group ac-aes128-gcm-cipher ac-aes256-gcm-cipher endif endif diff --git a/tests/ac-aes128-gcm-cipher b/tests/ac-aes128-gcm-cipher new file mode 100755 index 00000000..15b2334b --- /dev/null +++ b/tests/ac-aes128-gcm-cipher @@ -0,0 +1,31 @@ +#!/bin/bash +# +# Copyright (C) 2019 Nikos Mavrogiannopoulos +# +# This file is part of ocserv. +# +# ocserv is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at +# your option) any later version. +# +# ocserv is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +# This tests support for anyconnect's DTLS1.2 support + +PKG_CONFIG="${PKG_CONFIG:-/usr/bin/pkg-config}" +CIPHER12_NAME="AES128-GCM-SHA256" +GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-128-GCM)" + +${PKG_CONFIG} --atleast-version=8.02 openconnect +test $? != 0 && exit 77 + +. cipher-common.sh + diff --git a/tests/ac-aes256-gcm-cipher b/tests/ac-aes256-gcm-cipher new file mode 100755 index 00000000..ca388659 --- /dev/null +++ b/tests/ac-aes256-gcm-cipher 
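Review bot: The gate `${PKG_CONFIG} --atleast-version=8.02 openconnect` in tests/ac-aes128-gcm-cipher checks the version in the libopenconnect pkg-config metadata, not the `${OPENCONNECT}` binary that cipher-common.sh actually runs. The same pattern is in tests/ac-aes256-gcm-cipher with 8.03. On a machine with the client but no matching `.pc` file, both DTLS 1.2 AES-GCM tests exit 77 and are reported as skipped with no explanation, so cipher coverage can disappear unnoticed. At minimum print the reason before skipping, e.g. `${PKG_CONFIG} --atleast-version=8.02 openconnect || { echo "openconnect >= 8.02 not found via pkg-config, skipping"; exit 77; }`. Checking the version reported by the client binary itself would be more reliable.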
@@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Copyright (C) 2019 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+#
+
+# This tests support for anyconnect's DTLS1.2 support
+
+PKG_CONFIG="${PKG_CONFIG:-/usr/bin/pkg-config}"
+CIPHER12_NAME="AES256-GCM-SHA384"
+GNUTLS_NAME="(DTLS1.2)-(RSA)-(AES-256-GCM)"
+
+# There is a bug preventing AES256-GCM-SHA384 to work in openconnect
+# 8.02.
+${PKG_CONFIG} --atleast-version=8.03 openconnect
+test $? != 0 && exit 77
+
+. cipher-common.sh
+
diff --git a/tests/cipher-common.sh b/tests/cipher-common.sh
index 9bc1b110..b3e358be 100755
--- a/tests/cipher-common.sh
+++ b/tests/cipher-common.sh
@@ -78,16 +78,22 @@ ${CMDNS2} ${SERV} -p ${PIDFILE} -f -c ${CONFIG} ${DEBUG} & PID=$! sleep 4 +if test -n "${CIPHER12_NAME}";then + CSTR="--dtls12-ciphers ${CIPHER12_NAME} --dtls-ciphers UNKNOWN" +else + CSTR="--dtls-ciphers ${CIPHER_NAME}" +fi + # Run clients echo " * Getting cookie from ${ADDRESS}:${PORT}..." -( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --dtls-ciphers=${CIPHER_NAME} --cookieonly ) +( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 ${CSTR} --cookieonly ) if test $? != 0;then echo "Could not get cookie from server" exit 1 fi echo " * Connecting to ${ADDRESS}:${PORT}..." -( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --dtls-ciphers=${CIPHER_NAME} -s ${srcdir}/scripts/vpnc-script --pid-file=${CLIPID} --passwd-on-stdin -b ) +( echo "test" | ${CMDNS1} ${OPENCONNECT} ${ADDRESS}:${PORT} -u ${USERNAME} --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 ${CSTR} -s ${srcdir}/scripts/vpnc-script --pid-file=${CLIPID} --passwd-on-stdin -b ) if test $? != 0;then echo "Could not connect to server" exit 1 diff --git a/tests/aes128-gcm-cipher b/tests/oc-aes128-gcm-cipher similarity index 100% rename from tests/aes128-gcm-cipher rename to tests/oc-aes128-gcm-cipher diff --git a/tests/aes256-gcm-cipher b/tests/oc-aes256-gcm-cipher similarity index 100% rename from tests/aes256-gcm-cipher rename to tests/oc-aes256-gcm-cipher
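Review bot: The new `CSTR` passes option values as separate words, so in the `else` branch an unset `CIPHER_NAME` leaves `--dtls-ciphers` without a value and openconnect would likely take the next word (`--cookieonly` or `-s`) as the cipher list; the removed `--dtls-ciphers=${CIPHER_NAME}` form could not fail that way. Keeping the `=` form avoids it, e.g. `CSTR="--dtls12-ciphers=${CIPHER12_NAME} --dtls-ciphers=UNKNOWN"` and `CSTR="--dtls-ciphers=${CIPHER_NAME}"`, assuming openconnect accepts `=` for `--dtls12-ciphers` as it does for `--dtls-ciphers`. The `UNKNOWN` value also deserves a comment such as `# UNKNOWN: no legacy DTLS cipher can match, so only the DTLS 1.2 list can be negotiated`, if that is the intent. The rest of the script, including whatever compares the negotiated cipher with `GNUTLS_NAME`, lies outside this hunk.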