I'm helping a new team member onboard with Open Claw's IronClaw attestation client. They're hitting a consistent failure when running it from inside their corporate network, specifically while connected to the company VPN. The local checks pass, but the remote attestation step times out.

We've confirmed the standard stuff: the client machine is compliant, the firewall rules *should* be permissive, and it works instantly when they disconnect from the VPN and use a standard connection. This points to the VPN gateway itself interfering—likely deep packet inspection or a non-standard proxy that's mangling the attestation handshake.

Has anyone else run into this with their enterprise network setups? We're looking for potential workarounds that don't involve asking their infosec team to tear down the corporate firewall. Would a dedicated egress proxy for just the attestation traffic be a viable path, or are there configuration flags we're missing?