You may wish to grant access to a Single Sign On Resource that exists only on your internal Company Network, but your remote users cannot access this site as it's behind your firewall.
This article will show very quickly how this can be achieved.
Step 1: Initial test
First, let's confirm that this site is indeed not accessible externally. Using the SSO Browser Extension, the Web GUI or the Hypersocket Desktop Client, we launch the resource - in this case, it is a Moodle site.
As can be observed, the connection times out as there is no route to the host. Let's fix that.
Step 2: Enabling VPN Access
This feature requires the Client Support extension to be installed, which it should be by default - but it is worth checking first by navigating to Extensions -> Installed.
Navigate to Resources -> Single Sign On and edit the Moodle resource that was already created and working for your internal users.
Click on the Network tab and turn the Enable VPN switch on. Click Update to save the resource.
Step 3: Testing
Because we now have the option set to use the VPN, this resource will only work if it is launched from the Desktop Client, as it needs to use the VPN capability of that client. It still also needs to have the SSO Extension installed, as once the extension sees the page appear successfully, it then takes over to sign the user in to the site.
End result: The site is now working and even appears to be using the same hostname and URL that is used internally.