It sounds to me like you tried SEVEN different tests on EIGHT diferent firewalls, and got NINE different results, and now need to come up with TEN ideas to fix them.

My opinion is that ONE firewall is enough!!

If it is configured correctly, you will not have any issues. Instead of wasting time with more than one firewall take some time to try an IDS.

Like it has been said before in these forums, using more than one firewall is like using more than one condom. It doesn't really give you any extra protection and it just makes it harder to get the job done.