Yes, that can work. Here’s some background that might be helpful, around how that can be configured, and some of the trade-offs...
If you need remote visibility, Server.app can connect to remote servers directly or via VPN, as can other tools such as Screen Sharing or Apple Remote Desktop. That’ll require establishing open ports (and preferably restricting by IP address at the firewall, otherwise they’ll get hammered on and best case your logs will get filled and worst case they’ll find a weak password and game over) or set up either on-demand or site-to-site VPNs. This is one of the most familiar ways folks can manage remote servers.
I’d really not recommend trying to run a file share across the internet. Remote access is slow, the protocols aren’t really intended for that, and the ‘net gremlins will try what they can to access those shares, and you’re all of one bad password or one file share protocol flaw away from a bad day. It is possible to do this, though. It’s also possible to connect to a remote share via VPN, which would be my choice if you really want to do this. It’ll be far slower than local access, though. VPN or otherwise.
Do not use the same subnet on any of your networks, and stay out of 192.168.0.0/24 and 192.168.1.0/24, as having the same subnet on both ends of a VPN does not work, and as some subnets are very commonly used. Like 192.168.0.0/24 and 192.168.1.0/24.
I’m not familiar with the capabilities of the Kerio firewall. I usually prefer a dedicated firewall box with an embedded VPN server. I’ve used ZyXEL ZYWALL USG series in a number of installs. They’re quite capable, but do expect the adminstrator to have knowledge of IP, VPNs, and related details. There are other choices. Host-based VPNs tend to be offline when you need to access the host, unfortunately. Like when you need to fix the host, or the VPN server.
Lock down remote access into your networks as much as possible, and then lock them down some more. Authenticate and encrypt your traffic. Open ports will get probed. Packets will get sniffed. FTP connections are a great way to post your access credentials and to fill your server eith sketchy files. Etc. The net is an increasingly hostile place.
Apple is deprecating most of the network services associated with macOS Server. You may (or will?) be headed for a migration. There are many discussions of these deprecations going on.
TCP and UDP ports used by Apple software products - Apple Support
Prepare for changes to macOS Server - Apple Support