Question : VPN set up between sites with the same IP subnet (192.168.1.0), can this work using the Check Point VPN client

I have scanned many posts but don't seem to see the answer.
I am using Check Point FW and VPN client and want a Vendor to access our network but they are on teh same subnet as us (192.168.1.0).   Their network is quite small with only one server holding thier AD, SQL and Exchange and no DMZ.    I know that two sites with the same subnet messes up routing to our network but can anyone suggest a workaround without one of us having to change our subnet?  Even an off the wall short term solution like... put a router behind thier FW and put the client on a different subnet???
Any/all suggestions are welcome.

Thank you in advance.

Answer : VPN set up between sites with the same IP subnet (192.168.1.0), can this work using the Check Point VPN client

Well, here is some good news on a wet Friday (well it is here :P)

In short, yes, you can have a remote access VPN to your network from a network witht eh smae addressing scheme.

Are you using secure client or secure remote for the VPN client?

If secure client, then use office mode IP addresses, ensuring the office mode IPs are different from all nets used in all sites

If secure remote, we can still get around the same addressing scheme by using IP Pool NAT.  This is enabled per interface on teh gateway, and normally is only needed on the external interface.

Select an IP Pool similar to the office mode range as above and this will give every incoming client an IP from that pool, and thus solving the issue.

I would have a look at the CP admin guide to get more details on this procedure, but if you can't find them, let me know what version of CP you are running and I will attahc it here.