I have a lab subnet(10.10.25.1 from outside and its inside has 172.16.2.0/24) in the corporate network that's accessible via openVPN while people are in the office. (Their openVPN client would connect to 10.10.25.1).
I'm asked to make this lab subnet more easily accessible while people are outside of the office.
The frontend VPN infrastructure for the office is Cisco ASA Anyconnect.
People use Anyconnect to connect to corporate network from outside (coffee shops, home, etc). ASA has a public outside interface with public ip.
But when people use Anyconnect and then openVPN on top of it to access the lab subnet, their computers crash. I assume it's due to double NAT-ing and computer not being able to handle double VPN network adapters.
Is there a way to have this lab subnet more easily accessible? Or shall I have VNC/RDP desktops in the corporate network that can access the lab subnet on the users behalf?
Or is setting a NAT between another public IP with openVPN address more viable?