[chillyjim]

1. SecureClient can be used without a policy server but it does still (legally anyway) require a license. The licensing wasn't enforced well before R60.

You need to check your "Remote Access" settings on the gateway and make sure it is set to allow non-verified connections. Also make sure that the office mode pool is routable within your network or is being NATed to something that is.

2. There are some ways to get around this but none are really good. Giving people a host table is one way around it, and probably the safest way.

SecureClient's office mode is the "right" way to do this.

That being said, you should complain to your local Check Point SE/Sales Rep that this should be part of SecuRemote and not a charged item. If enough people complain, TPTB will listen.