Install PGP somewhere and reboot your machine.
The corresponding OpenBSD isakmpd.conf can be found here.
I always use the export mode when doing configuration. First, configure your gateway as this.
Enter the same Shared Passphrase as in your isakmpd.conf. In this example: 'mekmitasdigoat'.
Now your setting should look something like this.
Now we want to add our internal network behind the gateway. Click on belanna and select add. We want to add a new host entry behind gateway.
Configure the internal network like this.
And when we click ok, the resulting screen should look something like this.
We drop a few packets before the handshake is done and we are now up and running. If we look at the routing entry in the gateway it looks like this.
That should be it. Configuration of the PGP client is very straight forward. It's no problem to alter the default timings or anything. One of the problems with PGPnet version 7 when running on Win2k is that it's not possible to bind it to a specific interface. This is a problem when I take my laptop and sometimes is directly connected to 10.0.0.0 and sometimes not. Since PGPnet is active all the time it also kicks when I'm directly connected. I have verified this with Network Associates and their suggestion was to use manual connect when I'm not in my office.