Typically I see this requirement from large institutions that connect VPN with many customers. They are asking that the traffic you send them have a source address that is in a public space controled and assigned to you. This prevents routing issues on the many tunnels they have needing to coordinate the use of RFC1918 addresses across many companies without overlap.
This is NOT the same as NAT-T (NAT traversal) of your VPN gateway.
For this application you could use one of the public addresses assigned to you by your ISP and place this on the st0 interface then create source NAT on interface rules for traffic you send into the tunnel.