I’m looking at a permanent install of a Windows machine that runs a few digital signs. I want to achieve remote access and file upload to the Windows box, as well as accessing the internal web server of the displays on the same LAN. This LAN will be attached to a corporate network, but I would prefer if it did not have access to the internet. I’ll have to work with the IT department to get this happening, of course, but I’m hoping to go in prepped with potential solutions. Could anyone tell me if these ideas will work, or what I’m missing?

  • VPN tunnel. This would be whichever VPN that their IT supports. Would I be able to simply install the client on the Windows box and my machine, and then on my machine connect to the VPN, use TeamViewer in LAN mode for control of the Windows box, and web browser for control of displays? I’m assuming their IT would set up the upstream switch to only pass that VPN connection, so that the Windows box does not see the internet, and I cannot see their internal network.
  • Some kind of IPMI/PiKVM solution. This would be a second computer, attached to the corporate network, but not to the signage LAN. It would just be a KVM for the Windows box. I would then dial into that via its webserver, and control the Windows machine. The control for the displays would be accessed via browser on the Windows machine. I like this solution, as it keeps the networks separate, but I think that uploading files will be a challenge.
  • Or is there a better way?
  • towerful@programming.dev
    7 months ago

    Ask the IT department.
    I would hope that they would be willing to help you out, instead of you punching security holes in their network.
    Because otherwise it’s you putting an entry point inside their network that could then change digital signage or even escape the private network, which they would have very limited visibility or control over.

    Get them to make sure the network is isolated, and have them provide a VPN that has access to that network.
    Ideally certificate based authentication.

    Use some sort of VNC or even just Windows Remote Desktop to connect to the Windows machine. The displays are just web browser accessed.

    • gazterOP
      7 months ago

      I’ll absolutely be asking the IT department; I was just hoping to come to them with a potential solution, rather than a problem.