Well, you first need something running a VPN server, and a way to reach it from the outside.
If you have no way to configure your office's router to forward a port from the Internet to your system (and give you a fixed internal IP in the process), or ask someone to do this, then you'll need to run a VPN server (OpenVPN in particular) outside of the network, making sure client-to-client communication is enabled, and have a machine within your office that connects to it. You can then reach the system inside the network by connecting to the OpenVPN server.
You can use OpenVPN to join anything inside the network as well. If you have to put the server outside of the network, it will be inefficient as traffic will be going from your network, to the external VPN server, and back. You could set up a second OpenVPN server on the same machine as the first, one for inside your network and another outside.
You still have the issue of what range of IP addresses to choose. The best is if you can secure a range of unused IP addresses in your office's 10.x.x.x block - this will be simplest. If you have to reuse something already in use on your office's network, you'll need to set up NAT on the VPN server (or really should, rather).
Can I have a single computer with two NICs where a VPN service allows remote connections into the 192
Yes, and in this instance you'll need it. One NIC will be connected to your office network, the other will be connected to the systems you want to isolate on their own network. On this second NIC you'll need to attach a switch and connect all systems you want there behind it. You mention a "pivot" system in your question - the term you want to use for this is "router" - and, you will have to set up routing and DHCP on this system - Linux does routing (it's part of many consumer routers) and there are many DHCP packages for Linux. (I've used a PC with two NICs running Linux as a router for years.)
This is a bit of a high-level answer, and yes, it's involved (you are talking about needing to be familiar with Linux, OpenVPN, Linux's networking features, and setting up a DHCP server), but defintely possible.