Running Rancher Agent Behind VPN

Hello, I’m looking to run Rancher with both the server and the hosts behind NAT, so I’ve set up a cloud OpenVPN server and am running OpenVPN clients in docker containers on each hosting machine. I did this using https://github.com/dperson/openvpn-client. I’m running the rancher server using the --net=container:vpn flag, and I’ve set the server url as the VPN tunnel IP. I’m trying to add a custom host, and Rancher UI spits out this long command:

sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent:v2.0.6 --server https://192.168.255.6 --token zpqnftdblghlrjf2l6b6h448m744lbw2b5tnl6ldjl6ldmnc29zvh9 --ca-checksum fadedb05a695e56c5372267216ad7ee0362f0a730d50e73ebb5645a1626e6aeb --etcd --controlplane --worker

I’m trying to figure out how I can modify this command so I can run it on another host outside the local network of the server with a VPN client running and connect as a host. My first thought was to change --net=host to --net=container:vpn but that led to a whole host of errors. Does anyone have any ideas?