You can via VPN or "Port Forwarding".
If you want to have full control and also have access to network resources you can use VPN.
But if you just want to access, eg VPN, RDP, Radmin, etc.. In that case I recommend you only open the required port in the firewall on "Port Forwarding"
The "Port Forwarding" system is more insecure and leave exposed to the access port to your public IP, you can create access rules to improve safety but if you do not know or can. Through brute force any system could remotely take control of the system, and Zentyal could not do anything about it because you created the access rule manually.