I'd love it if someone could save me the time this would take to lab! And if it doesn't work, it's a feature request please!
My customer is adding a DR site that will be a complete BGP failover - lots of identical addressing. Firewall management ports are unique though, so we have a unique FW object for each site, all nicely working. They are NOT a cluster, but they run the same policy, and the live site will be the one seeing the LAN and WAN networks as BGP hands them to it.
However, for public internet access, in order to make this work without a lot of stress with VPN partners, the DR site gateway should have a duplicate address on its internet interface (only). So:
- Mostly unique addressing, but external IP is a duplicate
- Only one GW effectively active at a time, whichever is receiving BGP routes, etc.
- They are not clustered, but they run the same policy and protect the same encryption domain
- They are primary and secondary (prioritized list) center gateways in a star community running MEP
- Center gateways are not meshed (obviously). There is an internal MPLS.
- Gateways have the public IP defined as the VPN address in Link Selection
- Connections to third-party satellite gateways in this scenario use shared keys
Does this work? Are there any issues with the address being identical?
Thanks!