I have just installed 2 nokia ip380's in ha configuration with checkpoint ngai r55. Everything works fine. Because we have exhausted our currently assigned 32 ip addresses I had to request another from our isp. They assigned me with an additional subnet (non-contiguous). I have configured the external cisco 1703 router with the first address of the new range, and configured it as secondary. I beleive the routing from the outside world to the firewall (via the cisco router) works fine. I can ping the fw and router from each other.
My problem is that I cannot access any server that has any of the new addresses assigned from the internet (via nat in the fw). It works ok if I assign one of the current addresses.
I have configured each fw with an ip address from the new range (by adding it as an additional ip to the interface). I did this with voyager. I then added another interface 'test1' and 'test2' in the topology of checkpoint's fw objects and assigned the same ip address as per their ipso config. Note that this has not been added to the cluster object, just each of the fw objects.
I can logon to any server on any of the 5 internal networks and ping a server that has the newly public address assigned to it, and I get a response. But when I try and achevie this externally it times out after hitting our external router interface.
Any ideas?