Active Directory Domain Controller can't be resolved on local machine through Point-to-Site (P2S) VPN gateway

For development purposes, I am trying to setup:

1. Azure Cloud: Virtual Machine with Windows Server 2019 acting as Domain Controller for Active Directory. machine also has DNS and DHCP.
2. VPN Point-To-Site so that local (physical) workstations can connect to Domain Controller
3. Join local (physical) workstations (Windows 10 Pro)to Active Directory domain.

Item 1 - done. I have up and running Windows Server 2019 with AD DC Item 2 - done. From local machine (Windows 10 Pro) I can ping AD DC. Item 2a - done. I have one Azure VM (Windows Server 2019) that can also ping AD DC. Item 3 - not working. Local machine (Win 10Pro) can't join AD domain (addc.local). Item 3a - working. Azure VM (WinSer 2019) join AD domain (addc.local).

I tried dozen of tutorials. Finally I (partially) succeeded with:

1. Windows Server 2019 – Active Directory Installation Beginners Guide - Success
2. How to install VPN on windows server 2019 - Fail. Can't establish VPN.
3. Azure - VPN Point to Site | Step By Step Tutorial - Success

Finally I got it up and running with 1 and 3.

• Considering that Azure VM can join Active Directory, I think that AD DC is properly setup. Both machines belong to same VNET.
• Considering that local machine can ping AD DC seams that VNET is properly setup.
• What I don't get is why Azure VM can resolve and join 'addc.local' domain, while local machine can't. On both machines, in network adapters preferred DNS is same: IP address of Domain Controller.

First question is why this doesn't work for local? Second questions is this proper way to do it anyway (taking into account requirements)?

In this case, you may check the followings:

1. Usually the VPN client will inherit the DNS servers configured on the Azure VNet. If you have set the custom DNS server of the Azure VNet is the private IP address of the AD DC after you set up a client VPN connection. You could re-download your VPN client packages from the Azure portal. See this1 and this2 for more details.
2. Can you ping or nslookup the AD DC with its FQDN like dcVM.addc.local? If not, it might be a DNS issue. Read https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances#name-resolution-that-uses-your-own-dns-server
3. For best performance, when you are using Azure VMs as DNS servers, IPv6 should be disabled.
4. Not sure, but you could try this solution.