Hello again @pgross,
Our Windows client(ZDEW) has the ability to automatically tunnel SRV records that match a wildcard configuration, you might want to review this thread: Conneting Remote Endpoints with a On-Prem AD - #6 by emoscardini
Let me know if that makes sense & if you have questions afterwards.