Hello, depending on the possibilities you have in your
infrastructure, what you can do is have a host with a Wazuh worker,
which has connectivity with the private network and has a permanent
connection with the VPN to report with the Wazuh master.
The important thing about this change is that the agent you mentioned has
constant connectivity with this new worker to avoid losses.
Here you have the documentation on how to configure the cluster or add a new node: https://documentation.wazuh.com/current/user-manual/manager/configuring-cluster/index.html
Then you have to modify the agent configuration, pointing to the new worker's IP and restart the Wazuh agent service so that it starts reporting to the new worker.
We currently have a feature request with the aim of improving the management of agent logs for cases similar to those you raised.
You can track it from here: https://github.com/wazuh/wazuh/issues/23446