We are using Microsoft PKI to issue user and computer certificates using autoenrollment to window 10 machines. Certificates are issuing perfectly for machines connected on corporate LAN using wired and wireless connectivity. But certificate not getting issued for window 10 endpoints connected on SSL VPN ( working from home). Autoenrollment GPO is linked to endpoints and applied successfully over VPN connection, also endpoints have autoenroll rights on template.
VPN gateway is setup in a way that we need to reconnect VPN once signout and signin back into the computer.
No event has been seen in event viewer for updating local certificate store for any newly issued certificate and MMC personal store is showing blank. Please suggest how to autoenroll certificates for window 10 machines connected on SSL VPN connection.