Trying to get my head around something and wanted a 2nd opinion.

Scenario:

Domain A and Domain B, on seperate networks behind firewalls however using the same subnet
Want to be able to log into a server on domain B with a user account on domain A

Been looking through documentation regarding AD FS and forest trusts.

From what I can tell AD FS wont help me here

I believe I will need to re IP one of the domains, link them with a VPN tunnel and set up a one way trust between the 2 domains/forests.

Anyone know of another way?

Cheers

Could you not use some nat rules on the firewalls to hide the IPs from one domain?