[CPone]

I’m facing some routing issues with checkpoint and I would appreciate if someone can help on this. Here are the details of the problem:



we received a list of valid IP addresses from our ISP in 2001. The IPs were 213.x.y.z /29. We used one of the Valid IP addresses to setup the external interface of our Checkpoint firewall and appropriate licenses accordingly. The remaining IPs were used to host servers and services within our DMZ zone by NATing them behind the firewall. This worked perfectly.



In 2007, we required more valid IP addresses to accommodate additional Internet servers, therefore we requested for additional IP addresses from our ISP. they provided 213.x.y.z /29 (not directly comming after the one we had) to be used by us. According to the ISP, this subnet uses the same upstream gateway as the previous set of IPs.

If I assign one of the new valid IPs to the external interface of the firewall (as a secondary IP), I can ping the interface from the Internet. But when I use one of the valid IPs to host a server in our DMZ zone, I cannot ping that host.

We have some related server that is DESPERATELY waiting to be hosted on the Internet. Please any clue why it is not working?