It seems to be TAP (layer 2 tunneling).
Thinking about it, as the whole machine is under MDM (I only have the VPN on my dedicated work machine), there might be additional quirks that mess with the networking as well. Even bridging the Wi-Fi to it was kind of a PITA.