Non-Check Point products does not have "ike_use_largest_possible_subnets (supernetting)" feature, this is the reason why we need to disable that feature on Check Point.
(Exchanging keys with another vendor gateway uses
largest possible subnet –Check Point uses the best possible subnet to increase the performance while doing IKE key exchanges by default)
DNS packets should not be allowed firstly, otherwise that results DNS resolution problems for VPN domains.
------------------------------------------------------------------------------------
# dbedit Enter Server name (ENTER for 'localhost'): Enter User Name: fwadmin Enter User Password: abc123