one of our customers is using DirectAccess to securely connect to their on-prem infrastructure. As they are completing their Windows 10 rollout, we recently discussed AlwaysOnVPN as the successor for DirectAccess. However, we have little doubt if AlwaysOnVPN connections are possible if the Windows 10 client device is located on a screened network. Think of hotspots in hotels or Starbucks. DirectAccess works in this scenario (it uses TCP 443) as https is allowed outbound. According to https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/vpn-map-da#equivalent-funct... , it should be possible if SSTP is used (Fall back to IP-HTTPS when DirectAccess clients are behind firewalls or proxy servers). Can anyone conform this is indeed working?