We have an on-premises Active Directory with Azure AD synchronization (i.e. a hybrid environment). Our on-prem includes two separate AD forests that are connected with a two-way trust. For naming's sake, I'll call these AD1.local and AD2.local. All client devices are Windows 11 Entra Joined and enrolled in Intune. AD1.local and AD2.local have their own domain controllers, RRAS, and NPS servers. In Intune, we've implemented two AOVPN profiles, one for users in AD1.local and another for those in AD2.local. Additionally, in AD1.local we have a SQL server that runs two separate SQL instances (Instance1 and Instance2). Users from AD1.local connect to Instance1, while users from AD2.local connect to Instance2. When in the office, users from both AD1.local and AD2.local can access their relevant SQL instance without any problems. Also, remote users from AD1.local can connect to their SQL instance via AOVPN. However, remote users from AD2.local are experiencing a timeout error when trying to connect to their instance. They can ping and browse to the SQL server (for example, \\SQL01\testshare), and the SQL server can ping the remote AD2.local client devices over the VPN, so it seems this isn't a firewall or routing issue. On a remote AD2.local device, we can also establish an ODBC SQL test connection. Any advice would be greatly appreciated.
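A diagnostic script to run on a remote AD2.local client over AOVPN, added here as an example and not part of the original post: it locates a domain controller in each forest (a cross-forest Kerberos referral needs an AD1.local KDC reachable from the VPN), asks SQL Browser which TCP port the named instance uses, tests that port, and requests a Kerberos ticket for the instance SPN. The FQDN SQL01.AD1.local and the SPN form MSSQLSvc/host:port are assumptions.

```powershell
# Added diagnostic script (not from the original post). Assumes the SQL host's FQDN is
# SQL01.AD1.local and that AD2.local users connect to the named instance Instance2.
param(
    [string]$SqlHost  = 'SQL01.AD1.local',
    [string]$Instance = 'Instance2',
    [string[]]$Forests = @('AD1.local', 'AD2.local')
)

# 1. Can a DC in each forest be located from the VPN client? An AD2.local user reaching an
#    AD1.local service is referred by its own KDC to an AD1.local KDC, which must be reachable.
foreach ($f in $Forests) {
    Write-Host "=== DC locator for $f ==="
    nltest /dsgetdc:$f /force
}

# 2. Ask SQL Browser (UDP 1434) for the instance's TCP port (SSRP CLNT_UCAST_INST message:
#    0x04 followed by the instance name). A named instance without a fixed port needs this
#    UDP exchange to succeed, even though a share on the same host is reachable over SMB.
$udp = New-Object System.Net.Sockets.UdpClient
$udp.Client.ReceiveTimeout = 3000
$payload = [byte[]](0x04) + [System.Text.Encoding]::ASCII.GetBytes($Instance) + [byte[]](0x00)
[void]$udp.Send($payload, $payload.Length, $SqlHost, 1434)
$ep = New-Object System.Net.IPEndPoint([System.Net.IPAddress]::Any, 0)
$port = $null
try {
    $bytes = $udp.Receive([ref]$ep)
    # SVR_RESP: 0x05, 2-byte length, then "ServerName;..;InstanceName;..;tcp;<port>;;"
    $resp = [System.Text.Encoding]::ASCII.GetString($bytes, 3, $bytes.Length - 3)
    Write-Host "SQL Browser reply: $resp"
    if ($resp -match 'tcp;(\d+)') { $port = [int]$Matches[1] }
} catch {
    Write-Warning "No SQL Browser reply from ${SqlHost}:1434 (UDP). $_"
} finally {
    $udp.Close()
}

# 3. Test the instance's TCP port over the VPN and request a service ticket for its SPN.
if ($port) {
    Test-NetConnection -ComputerName $SqlHost -Port $port | Select-Object ComputerName, RemotePort, TcpTestSucceeded
    Write-Host "=== Kerberos ticket request for MSSQLSvc/${SqlHost}:${port} ==="
    klist get "MSSQLSvc/${SqlHost}:${port}"
    klist | Select-String -Pattern 'MSSQLSvc', 'KerbTicket Encryption Type'
} else {
    Write-Warning "Instance port unknown; compare with the port used by the working ODBC test."
}
```

Run it in the user's own session (not elevated as a different account) so the klist output reflects the AD2.local user whose connections time out.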