[nsiddiqi]

I am configuring internal FWs for my client. The way it is configured is that two NGX are cluster A, on one subnet the interfaces were aggregated and then a VLAN with the IP 10.87.1.40 (Cluster IP) was set. On the other interface no VLAN but an IP of 10.87.244.40 was set.

On the 10.87.244.0 subnet two more NGX FW are installed as cluster B with the IP 10.87.244.10. The two clusters are connected via switch on 10.87.244.0 subnet.
Now from the cluster B I am able to ping all the interfaces of cluster A but not able to ping the router interface on 10.87.1.0 subnet nor the management server with IP 10.87.1.50. Same results from the other side that I can ping all the interface of cluster A but not B.
What I need to do so that the router on subnet 10.87.1.0 start pinging the firewall interfaces of cluster B, which is behind firewall cluster A?
After it start communicating what ports should I open on cluster A so that the management station can create a secure channel with cluster B firewalls?