Traffic routing between namespace without istio and namespace with istio

In my cluster I have multiple namespaces. All my 1st-party services are in one namespace and 3rd-party services are running in their own namespaces.

I have Istio enabled on my 1st-party namespace (let’s call it ns-1 ). Istio is not enabled for any of my 3rd-party namespaces.

I have a 3rd-party service that needs to connect to my 1st-party service. The 3rd-party service will use k8s DNS like service1.ns-1.svc.cluster.local to connect to my service. The 3-rd party service can communicate to my 1st party service without TLS. When I enable TLS I don’t know how/where to terminate the TLS?

Is it possible to add a Gateway config between namespaces?