One last word, as versions are constantly being revised, please be aware that the results posted in this test are only valid for the versions which were tested and may not necessarily match the results of the latest version.

Testing Method

NTT's 3rd IPSec Interoperability testing has been broken into two (2) steps to test interoperability amongst all products. (Due to time limitations, some products were unable to be fully tested.)

Step 1
1.	ICMP Pings were sent by the Initiator on one side of the VPN to the Responder on the other side of the VPN.
2.	To ensure proper transition from Phase 1 to Phase 2 (SA establishment), the IKEVIEW Analyzer was used to log and debug troubles which occurred.
3.	The Initiator and Responder roles were then reversed to confirm proper sequencing in the other direction as well.
4.	Only when both Initiator and Responder roles were completed would the testing continue with Step 2.
Normal Operational Sequencing for Step 1
*Some Notification and HASH Information are include as well.

STEP2
1.	Set the [SA Lifetime] on one side to a very short time span.
2.	Set the [SA Lifetime] of the other side longer than the short lifetime specified in 1.
3.	The VPN device set with the short [SA Lifetime] will then timeout and re-key with the VPN device set with the longer [SA Lifetime] while continuous PINGs are sent across.
4.	Proper [Re-key] sequencing after the SA Lifetime has expired will be confirmed by using the IKEVIEW Analyzer as well as referring to the various logs and/or diagnostic tools of each device.
Normal Operational Sequencing for Step 2
* After [Re-Key] sequencing has completed, a new SPI and Sequence Number should be assigned.
** Notification or other HASH Informational information may also be transmitted as well.

Network Configuration

IP Address Table

(Actual IP addresses used for testing)

Device Name	Global IP Address	IP Address of the Gateway for that device	Private IP Address	Private PC IP Address
WatchGuard Firebox II	10.10.10.1/24	-	192.168.1.1/24	192.168.1.2
Shiva VPN Gateway Plus	10.10.10.2/24	-	192.168.2.1/24	192.168.2.2
PERMIT	10.10.10.3/24	-	192.168.3.1/24	192.168.3.2
Ravlin	10.10.10.4/24	-	192.168.4.1/24	192.168.4.2
Raptor Firewall NT	10.10.10.5/24	-	192.168.5.1/24	192.168.5.2
Sidewinder Security Server	10.10.10.6/24	-	192.168.6.1/24	192.168.6.2
Contivity Extranet Switch	10.10.10.7/24	-	192.168.7.1/24	192.168.7.2
OneGate (FreeGate) 1000	10.10.10.8/24	-	192.168.8.1/24	192.168.8.2
cIPro	10.10.10.9/24	-	192.168.9.1/24	192.168.9.2
VPNet	10.10.10.10/24	-	192.168.10.1/24	192.168.10.2
Mucho-EV (1)	10.10.11.1/24	10.10.10.248	192.168.12.1/24	192.168.12.2
YAMAHA RT140e	10.10.10.13/24	-	192.168.13.1/24	192.168.13.2
Cisco 1720(1)	10.10.12.1/24	10.10.10.254	192.168.14.1/24	192.168.14.2
A2DIS VPN Gateway	10.10.10.15/24	-	192.168.15.1/24	192.168.15.2
PathBuiler	10.10.10.13/24	-	192.168.16.1/24	192.168.16.2
SafeNet Soft/PKI	10.10.10.17/24	-	192.168.17.1/24	192.168.17.2
Mucho-EV (2)	10.10.15.1/24	10.10.10.250	192.168.23.1/24	192.168.23.2
Cisco 1720(2)	10.10.16.1/24	10.10.10.253	192.168.24.1/24	192.168.24.2
OCN Business Pack VPN(FortKnox)	10.10.10.27/24	-	192.168.27.1/24	192.168.27.2
STAR-Gateware	10.10.10.28/24	-	192.168.28.1/24	192.168.28.2

* The default gateway for 10.10.10.0/24 is 10.10.10.254.
* Devices connecting via HSD to the router use an Unnumberd IP.
* SafeNet Soft/PKI was tested with and without the Private IP Address set.