macos – Share Checkpoint VPN with OS X Internet Sharing

I want to share my VPN connection over WiFi using internet sharing, but something doesn't work.

My current setup is:

  • MacBook Pro: macOS Mojave 10.14.6
  • VPN client: CheckPoint Endpoint Security for Mac

I've tried the steps here, but something doesn't work.

Some of the NAT rules I've tried:

nat on utun1 from bridge100:network to any -> (utun1)

#OR 
nat on utun1 from 192.168.2.2/24 to any -> (utun1)

#OR 
nat on en6 from 192.168.2.2/24 to any -> (en6)
nat on utun1 from 192.168.2.2/24 to any -> (utun1)

#and many more...

My script looks like this:

#!/bin/sh
sysctl -w net.inet.ip.forwarding=1
sysctl -w net.inet.ip.fw.enable=1
sysctl -w net.inet6.ip6.forwarding=1

#disables pfctl
pfctl -d
sleep 1

#flushes all pfctl rules
pfctl -F all
sleep 1

#starts pfctl and loads the rules from the nat-rules file
pfctl -f ./nat-rules -e

Internet sharing works without VPN enabled, but after I enable it, I get "Connected, no internet …".

Is there something wrong with my NAT rule or does the VPN run via CheckPoint Endpoint Security?