Multiple External IP Ranges on a Juniper SSG5

Posted by Sam on Server Fault
Published on 2011-07-13T18:35:52Z Indexed on 2012/03/31 23:32 UTC

I have a Juniper SSG 5 firewall in a datacenter. The first interface (eth0/0) has been assigned a static IP address and has three other addresses configured for VIP NAT. I have a static route configured at the lowest priority for 0.0.0.0/0 to my hosting company's gateway.

Now I need to configure a second IP block. I have the IPs assigned to the second interface (eth0/1), which is in the same security zone and virtual router as the first. However, with this interface enabled I (a) can't initiate outbound sessions (browse the internet, ping, DNS lookup, etc.), even though I can access servers behind the firewall just fine from the outside, and (b) can't ping the management IP of the firewall/gateway.

I've tried everything I can think of, but I guess this is a little above my head. Could anyone point me in the right direction?

Interfaces:

ethernet0/0 xxx.xxx.242.4/29 Untrust Layer3
ethernet0/1 xxx.xxx.152.0/28 Untrust Layer3

Routes:

http://i.stack.imgur.com/60s41.png
