Microsoft VPN client behind Checkpoint

[ifconf]

I have Checkpoint NG AI R55 and I am trying to establish a VPN connection from my XP Pro Workstation to a Microsoft 2000 VPN server which is behind a Sonicwall firewall. The VPN connection times out with the error "Error 721: The remote server did not respond". I know that the VPN server is not the problem and I know that the Sonicwall is not the problem as I am able to connect if I use a dialup to the internet thereby bypassing my Checkpoint firewall. On my firewall logs I can see the pptp traffic going out but there is no response back and no dropped packets. If I capture the traffic going to the VPN server on the inside of the Sonicwall firewall I can see session trying to start but there is a "TCP Out-of-Order" in the connection session which I think is where the problem is.
Does any one have a solution, thanks

 

[stooo]

Are you using a Hide NAT for the client machine? If so this won't work.
Put in a static NAT (or a manual static NAT entry between the client and pptp server) and it should work

 

[ifconf]

Unfortunatly that is not an option as I have up to 30 support engineers that may have to use this method of connecting. I cannot afford to use up 30 registered IP's. I know that this is possible with other types of firewalls so it must be a configuration issue.