Note to my self...........
For a customer I had a huge struggle with Checkpoint. I don't know if it's me or what it is :-)
We had this administrator network to reach all the servers, and for this network they had internaly open all the traffic for ANY/ANY since it was only the IT-Department running on this network.
When connecting to Lync2013 from this network it failed.
WHY???? since we had opened it for ANY/ANY.
Well ANY/ANY is not any/any in Checkpoint it's almost any/alomost any :-). When Lync Client connect on SSL, the Checkpoint strip this traffic and you are not able to logon the Lync Client from this network.
Why the Checkpoint does this I don't know. We had to add TCP 5061 in front of the ANY/ANY rule and then it work.
Happy Checkpointing and Lync 2013 out there.