Backup Firewall / NAT or masquerade into internal network

I want to have a backup firewall, in case something does not work with the main firewall or for maintenance on the main firewall. I set up a second NS which can be reached from the outside with port forwarding and VPN, and I can connect to this second NS from the outside.

However, the problem is that the main firewall is the default gateway for the whole network, so if it is switched off, the routing from clients does not work any more, neither with port forwarding nor with VPN, because the clients try to send the return packets to the wrong gateway.

Is there the possibility to have a reverse NAT on either the port forwarding or the VPN on the second server, i.e. that all port forwarding or VPN traffic seems to come from the internal IP of the second server, so that no default gateway is needed?

Another application would be if you have a single IP in a foreign network A, but want to have network A reachable from network B, but you cannot change the routing in A. I.e. all traffic going from B to A must be masqueraded over the single IP in network A.
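
The behaviour asked for above is source NAT on the LAN-facing side of the second firewall; the following nftables ruleset is an added example, not part of the original post and not NS's own configuration, and it shows one way to express it on a generic Linux router. The interface names (`wan0`, `lan0`), the VPN subnet `10.8.0.0/24`, the internal host `192.168.1.10` and the forwarded port are all assumptions chosen for illustration.

```nftables
# Added example (assumed names and addresses, see lead-in).
# Requires IPv4 forwarding to be enabled on the backup firewall
# (net.ipv4.ip_forward = 1).
table ip backup_nat {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;

        # Port forward: connections arriving on the WAN side are
        # redirected to an internal host (assumed 192.168.1.10:443).
        iifname "wan0" tcp dport 8443 dnat to 192.168.1.10:443
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;

        # Any connection that was DNATed above and now leaves toward
        # the LAN gets its source rewritten to lan0's own address.
        # The internal host then replies to an on-link address and
        # never consults its default gateway.
        oifname "lan0" ct status dnat masquerade

        # Same treatment for VPN clients (assumed pool 10.8.0.0/24).
        # This rule also covers the second case in the post: traffic
        # from network B entering network A behind a single address.
        oifname "lan0" ip saddr 10.8.0.0/24 masquerade
    }
}
```

With these rules every forwarded or VPN connection appears to internal hosts as coming from the backup firewall's LAN address, so host logs and IP-based access controls on those hosts no longer see the original client address. The connection tracking state on the backup firewall is then the only place where the real source can be recovered.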