How to install openvpn in RedhatLinux enterprise 4

I. openvpn needs to be installed in RedHatLinux enterprise 4. Easy to install, high platform compatibility, and no need to compile the kernel. (I'm disgusted with re-compiling the kernel software); 2. I can penetrate the NAT Intranet without limits. (This is critical because my server is currently in school, in our lab, we use NAT layer by layer.) due to the above two restrictions, I have tried pptpd and opensvn in many existing solutions. Pptpd is an online recommendation

I. openvpn installation requirements under RedHat Linux Enterprise 4

1. Easy installation, high platform compatibility, and no need to compile the kernel. (I'm disgusted with re-compiling the kernel software );

2. can penetrate the NAT Intranet without limits. (This is critical because my server is currently in school, and our labs are all NAT layer by layer ,)

Due to the above two restrictions, I have tried two methods in many existing solutions: pptpd and opensvn. Pptpd is recommended for use on the Internet, because the configuration is very convenient, you can change the configuration of two small files. However, one fatal weakness is that two ports are built. In most cases, penetrating NAT is an obstacle, so I finally gave up. Opensvn solves the NAT problem and does not have any problems in the internal network and public network tests.

The only limit for openvpn is that you cannot use the Windows built-in vpn Client. You need to install additional software. Fortunately, the installation process is very simple.

Ii. openvpn environment installed in Redhat Linux Enterprise 4

1. SERVER: Dell 6850 server, Redhat Linux Enterprise Edition 4 Update 2, Kernel 2.6.9-22. ELsmp.

2. Client: Windows xp SP2

3. Network Structure:

A) We are a lab LAN in Beihang campus network, hosting a server gait.buaa.edu.cn in the school network center.

B) from our lab to the campus network, there is a NAT layer. The lab contains the Intranet address 192.168.48.xxx.

C) The server has an independent external address (an independent address in CERNET). Due to the negligence of the network management center, no port restrictions are imposed on both the Intranet and the outside (this shows the overall level of Beihang network management), so it is possible to activate the VPN service.

D) after my configuration, the VPN service is started on gait.buaa.edu.cn. The default subnet address is 10.0.0.1. In this way, machines on the public network can be dialed in and connected to any campus network host that has been dial in this server. Form a virtual 10.0.0.x subnet. In this sense, the VPN service is also like a "virtual HUB", so that computers inside and outside the school can interwork, so that computers intercepted by layer-by-layer NAT and firewall can connect to a local area.