VPN: Split DNS for SSL VPN Clients
Perform selective DNS forwarding via the SSL VPN tunnel for a given list of domains to the DNS servers that are pushed to the client when the VPN is established.
All other DNS lookups should be performed to the local DNS servers the client uses. Thus you would be able to look up both instead of having to choose.
This feature is absolutely necessary.
For example when you have maintenance tasks at a customer with whom you are connected via SSLVPN all day. Then you get the DNS configuration and search domain delivered by the SSLVPN client.
Since you are still connected to your workplace and local IT infrastructure you lose the local DNS because all requests go to the remote DNS server behind the tunnel.
Bob, with established sslvpn tunnel you can only resolve *remote* internals domains not local ones.
If you are sitting at customer side for example, e.g. with internal dns largeenterprise.corp and lots of customer systems you could/should resolve/access. Once the vpn tunnel is established, you wont be able to resolve any of these hosts. You have to know ip addresses to access customer system (or even edit your local host file *uhh*). You can only resolve your own servers via vpn, e.g. with domain mycompany.local (and of course all public domains if the dns settings allow this).
So it would be very nice if both local and remote *internal* domains can be resolved with established sslvpn.
Bob Alfson commented
Andreas, what problem do you see that makes you want this functionality?