I need to preface this by saying that I'm not a networking guy so please excuse some fumbling of terminology below. I'll do my best to clarify anything that doesn't make sense. The environment I'm in is a shared workspace, kinda like WeWork but without any IT infrastructure or resources. There's a business-level ISP router that has a wifi network that everyone in the building uses. I had a networking friend help me come up with a gameplan for my own network within this environment, but he has recently gotten super busy and I'm not sure he'll be able to help me finish it. I ran a Cat5 cable from the ISP router to my USG, which is my edge device/firewall. Within that is a switch, controller, printer, a couple workstations, a couple PoE cams and the Synology NAS. We have internet, speeds are great, and I can monitor the cams & controller w/Unifi apps. I can also remote into the Synology control panel easy-peasy. Where I have been at a standstill is the double-NAT issue (ISP router + USG) preventing me from accessing the NAS files when not on the local network. Obviously we can't put the ISP router in bridge mode, because everyone else in the building uses it for internet access. So my networking friend said we can get a block of static IPs from the ISP to get around this. Before this, we had tried port forwarding, but could never get to the files. I also set up a bunch of things in the NAS settings to enable remote access (Quick Connect, DDNS, etc.) I now have a block of static IPs, but don't know how to configure the NAS and/or USG to use them. I also don't know what I'm trying to do from here to get this thing accessible. All I want to do now is map the root level folder of the NAS on remote clients so that we can access files outside the LAN. That's it. Can anyone help me with the next steps, or point me in the right direction? I've been searching related terms online and finding a ton of info, but I don't know what's relevant to me, or a good idea from a networking & security standpoint. I also know so little about this stuff that when I see advice like 'just edit the CLI and .json files!' it freaks me out. Any ideas? Thanks in advance! Edit: further context on the project is in this thread. The location now is the office environment described above.