IPsec in Tunnel Mode between Windows XP Professional and OpenBSD with X.509v3 Certificate Authentication

For the fundamental understanding of this paper, knowledge of IPsec is not mandatory, but nevertheless helpful. As an introduction it’s recommended to read:
http://www.informatik.uni-bremen.de/grp/ag-sec/Seminar/WS00/ipsec.ps.
The following paper describes in detail the configuration of an IPsec Host-to-Host connection between OpenBSD and Windows XP Professional with Authentication via X.509v3 Certificates. A VPN can be implemented with simple modifications. Windows XP Professional’s IPsec implementation corresponds approximately to that of Windows 2000 Professional with the High Encryption Service Pack (3DES). Most sections of this paper’s descriptions can also be used with Windows 2000 Professional. Download the paper here : http://www.filefactory.com/file/cfd0a10/n/winxp-openbsd_ipsec_tunnel-mode_vpn_with_x509v3_certificates.pdf