We see several feature requests to add port mapping and other CGN-friendly featuresets but fundamentally VyOS is missing one of the critical distinguishers of a true CGN verses just standard PAT and that's the ability to support full cone NAT or endpoint independent NAT.
Per RFC this is defined below:
RFC6888 REQ-7 implemented for it to be considered "complete" https://datatracker.ietf.org/doc/html/rfc6888
Ironically it looks like another contributor has attempted the same here:
https://github.com/DmitriyEshenko/vyos-cgnat
This should just be part of any native CGN featureset and is on par with other commercial products of the world such as Juniper/Cisco/A10 implementations.