App Authentication fails over Twingate, works local

I don’t know if this is a Twingate issue, but maybe you can help.

I’m trying to connect Backup Exec Server (on physical server) to a Backup Exec Remote Agent (on laptop).

When the server and laptop are on same LAN, no problem connecting the Server to the Agent.

When I take the laptop off the LAN and try to connect via Twingate, authentication fails using the same credentials (Azure AD joined, non-hybrid, user AzureAd\[username]).

I’ve confirmed that the Server can ping the laptop over Twingate and the Agent can ping the Server. The web console shows the Server making the connecting to the Agent.

I’ve tried disabling the firewall, but there’s no change.

Backup Exec support was useless.

Is there anything you can think of that might explain and/or fix this problem?

Site wouldn’t let me delete this question.

Connecting via Resource IP instead of the alias solved the problem. No idea why that would fix it, though.