Incoming and outgoing TCP sequence numbers should not be changed at the Check Point firewall. I have always asked myself how this can be explained and I have come to the following solution!

This can be checked with the following one-liner:

fw ctl zdebug + packet |grep -A 5 "==I\|==O" |grep -B 5 '<IP-ADDRESS>' |grep "==I\|==O\|Device"

Change the <IP-ADDRESS> in the one-liner to your device.

Please note that "fw ctl zdebug" can cause performance problems on firewalls.

More see here:
"fw ctl zdebug" Helpful Command Combinations