This will be because as others stated and suggested is that you have a Site to Site VPN between the 2 sites.
When you establish a Site to Site VPN between Check Point Gateways/Clusters then it includes the External Interfaces in the Encryption Domain.
As such when the Management Server that is likely part of Site A Enc Domain tries to communicate with the Site B Cluster then tries to go over the Site to Site VPN.
Easiest way I find to solve this is with
To exclude the Site B Gateway and Cluster IP from the VPN.
Will be the $FWDIR/lib/crypt.def file that edit if all on the same software version
Is the SK article that states what the location of crypt.def file is depending on Management and Software version.
This ensures that the Check Point Management Traffic does not attempt to go via the VPN and also that any Platform Management, ie WebUI, SSH etc also does not go over the VPN.
This traffic is all encrypted anyway and means that if the VPN is down then can still connect.