Possibly not the smartest ways, but I usually do it using one of the two approaches.
One method I use - Just make an additional rule for source nat translation
Second approach
1. permit NAT to any destination from “source network1”
rule-set source {
from zone trust;
to zone untrust;
rule r1 {
match {
source-address x.x.x.x/xx;
}
then {
source-nat {
pool {
NAT_pool_X;
}
}
}
}
2. enforce access to those desired 11 destinations via security policies from trust to untrust – where you don’t have 8 destination limit. Also you can use address-set within security policies