Andy Anderson asked:

Internal & External IPs Different

Running Server 2012 R2.  Static IP set on server - 10.2.8.10.  Establish a VPN connection to the server (no problems).  Start a remote desktop session to the server using the server name - no resolution, no connection.  Start a remote desktop session to the server using 10.2.8.10 works on the first connection but not after that.  Run a tracert to 10.2.8.10 shows 10.2.8.109 as the first hop.  Remote desktop connection to the server using 10.2.8.109 works fine every time.  I look in DHCP and 10.2.8.100 - 10.2.8.109 are assigned to the server with the unique ID of RAS.  Cannot add this IP to reservation because the unique ID is not unique.  Stumped as to what I have misconfigured and what the solution is.

John:

It seems to me from the above that you are trying to use VPN to connect inside your network. That will not work. Move the laptop with the VPN client to an outside network and try again.

Andy Anderson (ASKER):

No, the access is from a different location physically.  When on a network we simply use remote desktop without any VPN connection.
Also, it is happening on two different networks.  On our network the static IP set on the server is 10.2.3.10 yet I have to use 10.2.3.121 to connect to the server from outside the network.  Internally I can use the 10.2.3.10 IP without problem.  My desktop has a static IP of 10.2.3.99 yet I have to use 10.2.3.126 to connect from outside the network via VPN.  Everything works fine but obviously I have done something incorrectly.  If you do not know the "secondary" DHCP issued IP you cannot connect.

John:

VPN works as follows:

Inside Network (10.2.3.x) to Outside IP via router to internet to Different Outside IP to Inside Network (10.2.4.x)

Everything you have is one network 10.2.3.x and everything is on this network. That is why it is not working correctly.

Andy Anderson (ASKER):

I am not understanding what you mean.  I am here in the shop and establish a VPN connection to a different network across town.  I understand what you mean about internal subnet to public IP on our router to different public IP on remote router with a different subnet behind it.  The mask is /24 so they would be different subnets behind each of the routers.  I can from my desktop ping the remote server IP of 10.2.8.10.  If I try to remote desktop to that server using 10.2.8.10 the session times out saying the remote computer cannot be contacted.  If I look at the DHCP of the remote server I see DHCP has issued 10 IPs to RAS, 10.2.8.100 - 10.2.8.109.  If I run a tracert from my desktop to 10.2.8.10 the first hop is 10.2.8.109 and the second hop is 10.2.8.10.  If I try a remote desktop session using 10.2.8.109 it connects to the server instantly and functions without any problems at all.  The same scenario occurs when I take my laptop home and connect to the network here at work.  I establish a VPN connection to the server without problem.  My desktop has a static IP of 10.2.3.99 yet I have to use 10.2.3.126 to establish a remote desktop session.

John:

"I am here in the shop and establish a VPN connection to a different network across town."

This is helpful and clearer.  

I make the subnets inside each network to be the whole range, so:  10.2.8.1 - 10.2.8.255 so that you may contact any device on the network ("If I run a tracert from my desktop to 10.2.8.10"), this address can be contacted.

I am using hardware VPN (simpler) but the concepts are the same.

Andy Anderson (ASKER):

The entire network (.1 - .254) at each location is accessible.  My consternation is that I am no longer able to use the static IP of the server for the VPN connection.  It wasn't always this way.  I am not sure when things changed.  On some sites we use hardware VPNs so the IP being contacted is that of the VPN Endpoint and this problem is not present.  On some sites (such as our shop) we pass the VPN connection through the router and allow the server to handle the VPN connection.  It is on these sites that I must now know what the second IP is before I can establish a remote desktop connection.  I used to be able to connect a remote desktop session using the static IP on the server but somewhere along the line "something" changed.  I am also unsure if the "secondary" IP will remain constant.  If I set up a VPN connection on a client's laptop using the secondary IP and then it changes ... well you get the picture.

John:

In the picture above you have a double NAT situation (passing VPN through) so you would need to enable NAT traversal in Host or Client VPN or both. I have to do this as well myself.

Andy Anderson (ASKER):

I will look into this - thanks.