Nasty NAT solutions for Siemens IP ranges 192.168.215.0/24?
I have the problem that our OT people have multiple Sinumerik Siemens NCU production lines, where each production line has a 192.168.215.0/24 IP subnet configured.
Now the OT people want to access devices behind these production lines. The problem we in IT have is that we cannot simply route multiple 192.168.215.0/24 subnets without NATing.
So I created a PoC with a FortiGate 40F firewall and one-to-one NAT for one production line. This is working as expected, since every IP in the range 192.168.215.0/24 gets translated to something like 10.100.0.0/24.
I also created another Reddit thread in #fortinet where I posted the exact configuration for the simple 1:1 subnet NAT:
Forti40F 1_1 NAT Test
The problem I have is that if I have multiple such VLAN interfaces, I can create a 2nd and 3rd one with a different VRF ID, but then those VLANs stop working, since NAT and routing aren't working anymore.
Does someone know an example config or a solution that helps in such a situation? The problem is that this internal Sinumerik Siemens IP range is hardcoded in every Sinumerik NCU and cannot be changed.
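
The 1:1 subnet translation described in the post, extended to several production lines, as an added example that is not the poster's FortiGate configuration: each line gets its own routable /24, host bits are preserved in both directions, and the plan is checked against networks that are already routed. The 10.100.0.0/16 pool, the line names and the function names are assumptions.

```python
import ipaddress

INNER = ipaddress.ip_network("192.168.215.0/24")    # hardcoded range from the post
OUTER_POOL = ipaddress.ip_network("10.100.0.0/16")  # assumed pool of routable ranges


def build_plan(lines):
    """Give every production line its own routable subnet of the same size."""
    subnets = OUTER_POOL.subnets(new_prefix=INNER.prefixlen)
    return {name: next(subnets) for name in lines}


def to_outer(plan, line, inner_ip):
    """Machine address on a given line -> routable address (host bits kept)."""
    ip = ipaddress.ip_address(inner_ip)
    if ip not in INNER:
        raise ValueError(f"{ip} is not in {INNER}")
    offset = int(ip) - int(INNER.network_address)
    return plan[line].network_address + offset


def to_inner(plan, outer_ip):
    """Routable address -> (line, machine address); needed for ACLs and logs."""
    ip = ipaddress.ip_address(outer_ip)
    for line, net in plan.items():
        if ip in net:
            offset = int(ip) - int(net.network_address)
            return line, INNER.network_address + offset
    raise LookupError(f"{ip} is not in any translated range")


def check_plan(plan, routed_networks):
    """List translated ranges that collide with networks already routed."""
    conflicts = []
    for line, net in plan.items():
        for other in routed_networks:
            if net.overlaps(ipaddress.ip_network(other)):
                conflicts.append((line, str(net), other))
    return conflicts


if __name__ == "__main__":
    plan = build_plan(["line1", "line2", "line3"])    # constructed line names
    for line, net in plan.items():
        print(f"{line}: {INNER} <-> {net}")
    print(to_outer(plan, "line2", "192.168.215.10"))
    print(to_inner(plan, "10.100.2.10"))
    print(check_plan(plan, ["10.100.1.0/24", "172.16.0.0/12"]))  # constructed
```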