Hello,
Azure AD joined devices can still maintain single sign-on access to on-premises resources when they are on the organization's network. Devices that are Azure AD joined can still authenticate to on-premises servers like file, print, and other applications.
Did you check your DNS configuration through the VPN?
Can you please give more details about your issue?
Regards,
Thierry