yes. create your NAT statements how you normally would. then, configure your crypto ACL's to match the newly NAT'ed addresses instead of the actual IP's.
you can also use policy nat for you ipsec tunnels, but I dont know the details of your setup so I can't say if that's what you'd need or not.
