Hi,
For a backbone fully supporting jumbo frames, does anyone have any experience building a site2site VPN utilizing jumbo frames? I would assume it comes down to using VTI interfaces and just setting the MTU there... and of course, on all other interfaces too.
That's a KEY thing here... MTU size.
Yeah... I know... eh?
Put it this way... a higher MTU will simply mean that every packet will carry much more data, BUT there is a way higher possibility that packets will be fragmented, so at the end of the day, it's really a question of speed vs reliability/efficiency.
I know these things 🙂 ... I was simply just wondering if anyone had any experience on setting this up on Check Point. But it will probably be okay just setting the right MTU on all involved interfaces.
I'm glad you asked, because I have set it up and also helped customers do it, and it does work. Is it recommended? That's a whole other story... : - )
Assuming you have control of every MTU setting in the network path and can set them identically, it should work fine. However, should any of these MTUs in the path revert to a default or get accidentally lowered, you will be severely punished with terrible performance caused by roughly 50% packet loss due to the inability to fragment IPSec. As a proactive step, I'd strongly advise making sure all the firewalls involved will accept an ICMP Destination Unreachable Code 4 (Frag needed) from any source, which MIGHT allow you to escape this fate should it occur.
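The message the post above asks you to let through is ICMP type 3 code 4, and the reason it matters is the arithmetic of ESP encapsulation: a jumbo inner packet grows on the way out, and once a hop in the path falls back to a smaller MTU the ESP packet (which carries DF) is dropped rather than fragmented. The following is an added worked example, not code from this thread or from Check Point. It assumes a particular ESP tunnel-mode overhead (AES-CBC with HMAC-SHA1-96; real overhead depends on the negotiated proposal), builds a constructed "Frag needed" report with made-up addresses 10.0.0.1/10.0.0.2, parses it the way a receiving gateway would (checksum, type/code, embedded original header, next-hop MTU), and works out the inner MTU the tunnel would have to drop to.

```python
import struct

# Assumed ESP tunnel-mode overhead for one transform set (AES-CBC + HMAC-SHA1-96).
# These figures are an assumption for illustration; real overhead depends on the negotiated proposal.
OUTER_IP_HEADER = 20   # outer IPv4 header added by tunnel mode
ESP_HEADER = 8         # SPI (4) + sequence number (4)
ESP_IV = 16            # AES-CBC initialisation vector
ESP_TRAILER = 2        # pad length + next header
ESP_ICV = 12           # HMAC-SHA1-96 integrity check value
CIPHER_BLOCK = 16      # AES block size; ESP pads the plaintext to a multiple of this

ICMP_DEST_UNREACH = 3  # ICMP type "destination unreachable"
ICMP_FRAG_NEEDED = 4   # code "fragmentation needed and DF set" (RFC 1191)
IPPROTO_ESP = 50


def esp_tunnel_size(inner_len: int) -> int:
    """Bytes on the wire after ESP tunnel-mode encapsulation of an inner_len-byte packet."""
    plaintext = inner_len + ESP_TRAILER
    padding = (-plaintext) % CIPHER_BLOCK
    return OUTER_IP_HEADER + ESP_HEADER + ESP_IV + plaintext + padding + ESP_ICV


def max_inner_mtu(path_mtu: int) -> int:
    """Largest inner packet whose encapsulated form still fits in path_mtu (the value to use as tunnel MTU)."""
    inner = path_mtu
    while inner > 0 and esp_tunnel_size(inner) > path_mtu:
        inner -= 1
    return inner


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones-complement checksum as used in the ICMP header (0 when verified over a valid message)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, total_len: int, df: bool = True) -> bytes:
    """Minimal 20-byte IPv4 header without options (constructed sample data)."""
    flags_frag = 0x4000 if df else 0  # DF bit; ESP packets normally carry it
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag, 64, proto, 0,
                       bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))


def build_frag_needed(next_hop_mtu: int, original: bytes) -> bytes:
    """ICMP type 3 code 4 carrying the next-hop MTU and the first 28 bytes of the dropped datagram."""
    body = struct.pack("!BBHHH", ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, 0, 0, next_hop_mtu) + original[:28]
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]


def parse_frag_needed(icmp: bytes):
    """Return the fields a gateway needs from a Frag-needed message, or None if it is not a valid one.

    The checksum is verified and the embedded original IP header is decoded so the receiver can
    match the report to the flow (here ESP between the VTI peers) that was dropped upstream.
    """
    if len(icmp) < 8 + 20 or internet_checksum(icmp) != 0:
        return None
    msg_type, code, _, _, next_hop_mtu = struct.unpack("!BBHHH", icmp[:8])
    if msg_type != ICMP_DEST_UNREACH or code != ICMP_FRAG_NEEDED:
        return None
    inner = icmp[8:28]  # IP header of the datagram that was too big
    return {
        "next_hop_mtu": next_hop_mtu,
        "dropped_len": struct.unpack("!H", inner[2:4])[0],
        "proto": inner[9],
        "src": ".".join(map(str, inner[12:16])),
        "dst": ".".join(map(str, inner[16:20])),
        "df": bool(inner[6] & 0x40),
    }


def new_tunnel_mtu(icmp: bytes):
    """Inner MTU a tunnel endpoint should drop to after receiving the given Frag-needed report for ESP."""
    info = parse_frag_needed(icmp)
    if info is None or info["proto"] != IPPROTO_ESP:
        return None
    return max_inner_mtu(info["next_hop_mtu"])


# Constructed scenario: a 9000-byte inner packet between VTI peers 10.0.0.1 and 10.0.0.2 becomes a
# 9064-byte ESP packet; a hop that silently reverted to MTU 1500 drops it and reports back.
SAMPLE_DROPPED = ipv4_header("10.0.0.1", "10.0.0.2", IPPROTO_ESP, esp_tunnel_size(9000)) + b"\x00" * 8
SAMPLE_REPORT = build_frag_needed(1500, SAMPLE_DROPPED)

if __name__ == "__main__":
    print(parse_frag_needed(SAMPLE_REPORT))
    print("encapsulated 9000-byte packet:", esp_tunnel_size(9000), "bytes")
    print("tunnel MTU that fits a 1500-byte path:", new_tunnel_mtu(SAMPLE_REPORT))
```

Run as a script it shows the encapsulated size of a jumbo packet and the inner MTU that fits once a 1500-byte hop appears; the point for the firewall policy is that none of this recovery can happen if the type 3 code 4 report from that hop (an arbitrary source address in the path) is dropped before the tunnel endpoint sees it.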
@Timothy_Hall
ICMP Destination Unreachable Code 4 (Frag needed). With Jumbo Frames / MTU 9216 in every direction, I suppose there should be an src: any, dst: any rule to allow for this? What services will cover Code 4? Do we have to use "dest-unreach"? It claims to be ICMP type 3 so I suppose it's the correct one?
The existing dest-unreach ICMP service will work, or you could create a more specific one like this:
@Timothy_Hall
Wonderful!