I have a dual Bordermanager server setup that has been very stable for the last few years. It is running on older hardware with NW60sp5 and BM38. I need to upgrade to newer hardware NW65sp7 and BM3.9sp1 but need to accomplish this with minimal impact for our internet users.

The main server sits on a Sate ip block and is used to primarily access State of Texas websites. It has a T1 connection and runs a C2S VPN and Firewall. With Http Proxy

The second server, and the one I would like to upgrade first, sits on a Cable connection to a local provider.

We use a proxy pac on the first serve to essentially say for All state traffic go out server 1 and for all other traffic go out server 2 This setup has been rock solid for 4+ years.

This particular server (server 2) hardware is ancient by todays standards and is the one I want to replace first. This server only does Http proxy and has the default filters. The problem for me is I only have 1 public address to use for this cable connection.

Ip addreesees:
Default Route 208.242.xxx.xxx
BM Server outside 208.242.xxx.xxx
Inside ip 192.77.15.xxx

My fist thought on doing this upgrade was to create an new container in NDS and install a new server with Bogus addresses, Down the old server and change ip addresses to match what I currently have. This scenario does have some down time involved , however.

I was wondering if it might be possible to bring up a new server in Parallel with this old server long enough to test things out, withstanding that there is only 1 public address available for the outside interface.

Does anyone have any ideas on how I could change this old server out with a minimum of downtime?
Please point me in the right direction.