VPN client installation

The following section describes the installation process of Cisco AnyConnect Secure Mobility Client version 4.5.02036 and 3.1.14018 on the operating systems listed below:

Unfortunately, DPDHL can not support 3rd party desktops, including installations, upgrading and troubleshooting of Cisco AnyConnect VPN client for Windows/Linux/macOS. For sort out any of issues like that, please contact your local IT/local desktop support.

Supported operating systems

Name
Windows and client 4.5 (recommended)
Windows and client 3.1 (NOT recommended - 3.1 will be out of support soon)
Linux and client 4.5



* * * * W A R N I N G * * * *

To enhance security and quality of service DPDHL is discontinuing the support of old, obsolete Cisco AnyConnect client version 2.x, 3.x and some 4.x clients on its Remote Access infrastructure.

The minimum supported version will be 4.5.x.

All lower client versions will not be able to connect (i.e. Access will be DENIED) after January 30, 2019.

Please upgrade your Cisco AnyConnect clients as soon as possible to ensure your continued access to DPDHL network.

* * * * W A R N I N G * * * *



Client 4.5 - Windows installation

For fresh installation or upgrade from previous/older versions use the same procedure explained below.

Step 1

Unzip downloaded zip archive into some directory.

The installation process takes approximately two minues and requires administrative privileges.

Run Setup.exe


Step 2

The installation of Cisco AnyConnect VPN client consists of two modules, the the VPN client and DART for collecting data during troubleshooting, and is driven by simple wizard. Enable installations of "Core & VPN" module and "Diagnostic And Reporting Tool" module. Other modules are not needed, unless required due usage AnyConnect client for another purposes. If needed, please, consult with your local IT support.


Step 3

Click "Install Selected" button and confirm "Ok"

Step 4

Please accept license agreement (button "Accept")

Step 5

Installation will start...

Step 6

Installation in progress...

Step 7

As soon as the installation finishes (confirm by "Ok" buton), you can use VPN AnyConnect client. Reboot of PC for the changes to take effect not needed for this version.

Reboot not needed in case of uninstall VPN AnyConnect client version 4.5.x too.

Step 8

The following image depicts the graphical window of the Cisco AnyConnect VPN client.




Client 3.1 (obsolete) - Windows installation

Step 1

The installation of Cisco AnyConnect VPN client consists of two modules, the VPN client and DART for collecting data during troubleshooting, and does not require any intervention on the part of the user. The installation process takes approximately two minutes and requires administrative privileges.


Step 2

As soon as the installation finishes, reboot the PC for the changes to take effect.

Step 3

The following image depicts the graphical window of the Cisco AnyConnect VPN client.




Client 4.5 - Linux installation

This is HOWTO install of Cisco AnyConnect verson 4.5.02.036 on Ubuntu 18.04.1 LTS.

This is step-by guide, not necessarily the best, but best-effort version :-)

It is possible, that some steps are not necessary, but it is working now on our testing machines.

Prerequisites

It is supposed, that on remote PC is not installed any DHL certificates/keys.

It is MANDATORY, that all of existing user certificates enrolled at DHL side are revoked. If You are not sure, contact DPDHL IT Services through your local DPDHL contact to assure it. Certificate is tight to your vpn username/email.

VPN GUI (Graphical User Interface) is not working, so is used CLI (Commandline User Interface) instead (in Ubuntu 18.04.1)

Step 1. Package extracting and installation

Extract installations file (as root); un-tar create separate directory structure for all files; go to newly created directory and run installation script (it will take 2-3 seconds):

you will got question about license... answer it as yes [y]

Installation done!

Step 2. Public CA certificates manipulation

Copy (as root) all certificates from SSL/Ubuntu store to anyconnect store:

Step 3. DHL CA certificates installation

Download DHL CA cert:

https://extweb.dhl.com/pki/dpdhl_external_i3.crt

... and save it with extension .crt and .pem; copy both to the same directory (as root); example below:

Step 4. Firefox first run

As standard user, which will use Cisco AnyConnect client, start and close Firefox browser.

This "weird" step is necessary to have created firefox (.mozilla) profile in user (non root) home directory.

Browser have to be closed before continuing !!!

Step 5. Obtaining DHL user certificate (Certificate enrolment)

Start CLI version of client:

write client command "connect xcvpn.dhl.com" (without characters "")

fill username + password

VPN session will be established

Then you need to wait in this step - client is requesting certificate. It can take 1-3 minutes to complete whole process, so dont reset/close session manually.

When certificate obtained, you are asked to close browser (remember Step 4) and certificate is saved (answer Yes [y]).

Check message that certificate was successfully imported...

Step 6. What to do if service died - manipulation with VPNd service

In case of "strange" behavior ("The VPN Service is not available" error), stop and then start vpnagent (as root).

More details in troubleshooting section

7. Regular VPN connection

Reconnect again, if it doesnt happen automatically:

write client command "connect xcvpn.dhl.com" (without characters "")

fill username + password

Done. You are in.

Enjoy.