Networking configuration for Flexy to simulate customer network

I have Flexy devices at customer sites installed in the machines we manufacture. We access those devices remotely via a Talk2M VPN tunnel. The default gateway address of the PLC and related devices is set to the LAN address of the Flexy. All normal stuff.

We have a Flexy and various PLCs at our home office which we use for testing purposes. All devices are currently sitting on our normal internal network. As such, the default gateways of these devices are set to our normal office router. In this scenario I am of course unable to access the PLC via a VPN connection to the Flexy since the PLC’s default gateway is set to the office router, not to the Flexy. So the traffic has no route back to the Flexy and over the VPN.

While sitting on the home office network I would Ideally like to have direct LAN access to the PLC and Flexy (the Flexy’s lan interface) for convenience purposes while ALSO allowing me to VPN into the Flexy while remote. The problem as I said in this case is that while on my normal network there will not be a route back to the Flexy and hence to the VPN.

Alternatively I could create a new IP subnet on my internal network but this prevents the “direct LAN access” scenario.

How have others handled this?

With a flexy you can use NAT 1:1 to reach the LAN devices while not on the VPN. Here is a post that explains the setup.