We have recently implemented Windows Hello for Business in our environment via the hybrid key trust model. Machines in the office are able to enroll in windows hello without issue however VPN devices are having issues. We are using the built in windows VPN, and all traffic is getting sent to our gateway. The machines get the group policy to enforce the requirement however when they log in, they are not prompted to set up a pin or fingerprint. When we go to Settings > Accounts > Sign in options> all of the options tell us "This option is currently unavailable" and then "This sign-in option is only available when connected to your organizations network".
Has anyone else experienced this issue?