In specific environments, you may be connecting NG Firewall to a remote network via IPsec and the local side of the tunnel must be a specific IP address defined by the remote side.
In this scenario, you can add the remote defined IP as an alias on your WAN interface, then create a NAT rule to translate VPN traffic to the alias IP address.
This scenario is best described through the following example:
Local Public IP: 126.96.36.199
Local network: 192.168.100.0/32
Assigned VPN IP (alias): 172.30.100.10/32
Remote Public IP: 188.8.131.52
Remote network: 10.10.10.0/32
External Interface Alias: Found in Config > Network > Interfaces
Add the alias IP to the external (WAN) Interface
VPN Configuration: Make sure to put the local translated IP in for the Local Network.
NAT Rules: Found in Config > Network > NAT RulesFollow