I'm using a SRX210 device.
I have a client insisting that we use NO RCF 1918 address within our IPSEC tunnel. So I believe I will need to configure a NAT-T on phase 2 of the tunnel.
My question is this, can I use any address that does not fall within 192.0.0.0.0, 172.0.0.0.0 & 10.0.0.0.0 (basically make up my own address). Or do I need to expand my current Public Subnet with my ISP, and use an address that falls in that new subnet?