I am working on a project in which we are installing equipment throughout a campus which we will need remote access to. The campus is providing us an outside network connection from their network which we are planning on connecting to our router’s WAN port. We are using our own router (Araknis an-300-rt-4l2w) to provide our own network so the campus does not have to deal with maintaining and updating the equipment. Our router would connect to our switches and hand out IP addresses from it’s DHCP server. This all seems to work just fine but we are unable to use the VPN features (OpenVPN) from our router to connect to the network from the outside. I believe this is due to double-NAT as our router pulls an address from the campus network and our AV equipment is then behind our router. Is there anyway around this using the crude topology below? I have tried playing with static routing but have not had any success. We would like VPN access as it would be a more efficeint way to troubleshoot, etc.