I ended up sorting this out on Friday, and thought I'd post the solution, since it's ridiculously simple and maybe I can save someone some time.
Current IP Setup:
Checkpoint Firewall External (internet facing) Interface: 4.3.2.1 (public IP)
Checkpoint Firewall DMZ (internal) interface: 5.4.3.1 (public IP)
DirectAccess Server "External" NIC (connected to DMZ interface): 5.4.3.2, and 5.4.3.3 (public IPs)
Checkpoint Firewall internal network interface: 192.168.2.1 (private IP)
DirectAccess Server "Internal" NIC(connected to Internal Network interface): 192.168.2.2 (private IP).
Because DirectAccess requires that it's servers external interface have 2 public IP addresses on it, I needed the CP Firewall to pass traffic through without NAT. To do this, I created 2 nodes: DA_External1 (with 5.4.3.2 assigned, and no translation), and DA_External2 (with 5.4.3.3 assigned, and no translation).
Next, I created a rule to allow any source to access those 2 nodes for the ports listed here:
http://technet.microsoft.com/en-us/library/ee382268%28WS.10%29.aspx. I also created a rule to allow the DirectAccess server access out through the ports specified in that link, as well as http/https/icmp.
Finally, and this was the part I was missing before, I had to manually add an entry in the ARP table in SPLAT by using this command: arp -s 5.4.3.2
pub and arp -s 5.4.3.3 pub ... I also went into the SmartDashboard, and under Global Properties -> NAT, ticked "Merge manual proxy ARP configuration".
After doing all this, I can now hit my DA server from the outside world, as well as internally.