[slash85]

Running Checkpoint with AI (R55)

Hi,

We recently got a new range of IP addresses off our ISP and have assigned two ips to our FW's external interface eg:

Previous IP: 194.178.51.60
Additional IP: 193.189.31.88 (both now on the same nic)

There is a different default gateway with the new range which we have also added to the card, so now we have:

194.178.51.60 255.255.255.240 dg: 194.178.51.59
193.189.31.88 255.255.255.224 dg: 193.189.31.87 (again both on the same nic)

We have another interface(wb1) in the FW which directly connects to a webserver(wb2).

wb1 192.168.34.1 255.255.255.0 dg: 193.189.31.88
wb2 192.168.34.14 255.255.255.0 dg: 192.168.34.1

wb2 has a NAT of 193.189.31.89.

We just have a simple rule in place for now to allow a single static external address to ping 193.189.31.89 but with no success, nothing even shows in the logs.

Internally this all works like a DMZ segregating the webserver off from the main network.

Is this supported? Have I missed something? Have I made any sense?

Thanks for any help,
Slash.