GPOs don't work on the VPN?

Problem:  

Branch office or managed laptops are missing group policies.

Definition:  Group Policy Slow Link Detection

Slow-link detection identifies slow connections:  Slow transfer rates or high latency.  This process can trigger applications to scale back feature and function.  For example, slow link detection may interfere with distributed file systems (DFS).   In other situations, slow link detection can prevent remote workstations from receiving GPO updates.

Background:  

Wide-spread high-speed Internet connections (e.g., 100 Mbps) were uncommon before c. 2009.  Older network protocols were less efficient (e.g., SMB2 vs SMB3).  Slow-link detection was designed to compensate for poor connections.  This legacy process continues to impact modern network services (e.g., Windows 2019). 

Group Policy Slow Link Detection:

Connection rates are measured between the domain controllers and the client.  Group policy changes are not distributed when this transfer rate is less than 500 kbps. 

500 kbps may seem reasonable -but it's not. 

Solution:

Disable slow link detection:

   GPO:  Policies\Administrative Templates\System\Group Policy\Slow Link Detection

Options:  Enable this policy.

• Enter 0 to disable slow-link detection.
• Alternately, set high connection speed rate (e.g., 10000 Kbps is ~10 Mbps).

That's it!

References:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc978717(v=technet.10)

Active Directory Network Administration Windows Server