Trying to setup a VPN tunnel to a supplier with a Checkpoint NG/AI Firewall. The supplier only provides Host Key Exchange as they say that there is a security risk with Subnet Key Exchange.
Have searched the various groups/net, but been unable to find anything on these risks - is this them being lazy or is there something in this?