I had started on the basis that Qubes provides a classic
internet-inna-box, and hacked about with SNAT. But there's a far
simpler solution.
First, take a backup of /usr/lib64/python2.7/site-packages/qubes/ - just
copy that directory somewhere safe.
Second, take a backup of /usr/lib64/python2.7/site-packages/qubes/ -
Shutdown all running network connected qubes.
Look in /usr/lib64/python2.7/site-packages/qubes/modules -
delete 005QubesNetVm.pyc and 005QubesNetVm.pyc
edit 005QubesNetVm.py and change every occurrence of 10.137 to 172.16
save the file.
Restart sys-net, and any network connected qubes, as usual.
Job done.
NB, this isn't perfect because it doesn't correctly set the proxy service
IP. If you use the default Qubes proxy you'll have to adjust iptables
to get it working properly.
Also, you'll see that disposableVMs have a different range - I don't use
that at all, and have custom scripts to spawn disposableVMs attached to
different routes. Should be trivial to work round that if you do
something different.
Both are, as they say, left as an exercise for the reader.
This is, of course a hack, not supported, and undoubtedly breaks your
warranty.
If it all goes horribly wrong, shutdown all qubes, restore the original
files from your backup and restart the network.
unman