When AV enforcement is enabled on the VPN zone it stops all traffic. We route all traffic via the tunnel including Internet. The VPN tunnel remains open - just doesn't pass traffic. All remote computers have the AV client installed. The Sonicwall does not prompt for the AV to be updated or installed. I have ran packet captures and the packet never reaches the client from the firewall to check the status of the remotes AV status.
Computers on the LAN side of the firewall work fine.