UDP Traffic on 600 / 700 appliances is dropped due to "Violated Unidirectional Connection"
The VPN user is trying to authenticate with an internal server on the LAN. The authentication is sent over UDP. By default, the Check Point appliance does not allow replies to UDP packets.
When a UDP connection reaches the Security Gateway, the gateway marks it in its Connections Table to allow traffic to pass in one direction only. If a UDP connection uses two-way (bi-directional) communication, this creates a violation and the Security Gateway drops the connection with the reason: "Violated Unidirectional Connection".
Also, UDP traffic may be dropped when the source port is reused.
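The direction check described above, as a simplified Python model added here for illustration (it is not Check Point code or configuration): the first UDP packet creates the entry and fixes the allowed direction, and a reply in the opposite direction is dropped unless the service is treated as bidirectional. The `bidirectional_ports` parameter, the addresses and port 1812 are assumptions constructed for the example; source-port reuse is not modeled.

```python
from dataclasses import dataclass

DROP_REASON = "Violated Unidirectional Connection"  # reason string quoted on the page

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class Entry:
    initiator: tuple      # (src, sport) of the packet that created the entry
    bidirectional: bool   # False models the default handling described above

class ConnTable:
    """Toy model of a UDP connections table; not Check Point's implementation."""

    def __init__(self, bidirectional_ports=()):
        self.bidirectional_ports = set(bidirectional_ports)  # hypothetical knob
        self.entries = {}

    @staticmethod
    def _key(p):
        # Direction-independent key so a reply finds the entry of its request.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def process(self, p):
        key = self._key(p)
        entry = self.entries.get(key)
        if entry is None:
            # First packet creates the entry and fixes the allowed direction.
            self.entries[key] = Entry((p.src, p.sport), p.dport in self.bidirectional_ports)
            return ("accept", "new connection")
        if (p.src, p.sport) == entry.initiator or entry.bidirectional:
            return ("accept", "matches connection")
        return ("drop", DROP_REASON)

def replay(table, packets):
    """Run packets through the table and return the verdict for each."""
    return [table.process(p) for p in packets]

# Constructed sample: VPN client sends a UDP auth request, LAN server replies.
REQUEST = Packet("172.16.10.5", 40000, "192.168.1.10", 1812)
REPLY = Packet("192.168.1.10", 1812, "172.16.10.5", 40000)

if __name__ == "__main__":
    for ports in ((), (1812,)):
        print(ports, replay(ConnTable(ports), [REQUEST, REPLY]))
```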