Always On VPN - DNS queries always sent to all servers

Stephan van Helden 26 Reputation points
2022-07-17T04:46:37.627+00:00

We are using Always On VPN with split tunneling, configured with ProfileXML and a list of internal domain suffixes. It works as expected, however, I noticed that clients always query all DNS servers.

What I had expected:

  • For internal domains, DNS client queries corporate DNS over VPN tunnel
  • For other domains, DNS client queries local DNS (of underlying Internet connection)

What actually happens:

  • For internal domains, DNS client queries all DNS servers, ignores responses from local DNS and uses response from corporate DNS
  • For other domains, DNS client queries all DNS servers, ignores responses from corporate DNS and uses response from local DNS

Is this expected behavior with Windows 10 and 11?

Background:

It caused some issues because certain AWS and/or Autodesk services seem to use DNS to detect the client location. When a user from the US is connected to a VPN server in Europe, and AWS receives his DNS queries from a European ISP, he is assigned to a European Autodesk server, even though he sends the same DNS queries over his US ISP and connects to Autodesk from the US.

It is hard to explain, but according to our tests, it's definitely DNS. We just changed our internal DNS server (the one that serves Always On clients) to route through a US Internet connection, and Autodesk clients are now served by their US server. Change internal DNS back to EU Internet connection -> VPN clients served by EU Autodesk server. Even though the clients do not use the DNS responses from the internal server and do not route Internet traffic over VPN.
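
The following PowerShell script is an added example, not part of the original post and not Microsoft code. It reproduces the check the poster describes from the client side: it lists the effective NRPT rules (the ones the ProfileXML DomainNameInformation entries turn into), works out which rule a given name matches, and then queries the tunnel resolver and the local ISP resolver explicitly for each name so the two answers can be compared side by side, which is how the geo-dependent Autodesk answer shows up. It also reads the "Turn off smart multi-homed name resolution" policy value, the setting that controls whether the DNS client queries every interface in parallel. The VPN interface alias 'Corp VPN', the suffix corp.example and the test names fileserver.corp.example and www.autodesk.com are assumptions; change them to match your environment.

```powershell
# Added example (not from the original post or from Microsoft). Read-only: it only
# inspects client configuration and sends explicit DNS queries to named servers.
# Assumptions (hypothetical): the Always On VPN interface is called 'Corp VPN', the
# internal suffix is corp.example, and the two names below are the ones under test.

function Get-LocalResolvers {
    # DNS servers of the interface that carries the default route, i.e. the
    # underlying Internet connection rather than the tunnel.
    $idx = (Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue |
            Sort-Object RouteMetric, InterfaceMetric | Select-Object -First 1).InterfaceIndex
    (Get-DnsClientServerAddress -InterfaceIndex $idx -AddressFamily IPv4).ServerAddresses
}

function Get-TunnelResolvers([string]$Alias) {
    # DNS servers pushed to the VPN interface (the corporate resolvers).
    (Get-DnsClientServerAddress -InterfaceAlias $Alias -AddressFamily IPv4 `
         -ErrorAction SilentlyContinue).ServerAddresses
}

function Get-MatchingNrptRule([string]$Name) {
    # NRPT namespaces look like '.corp.example' (suffix) or 'host.corp.example' (exact).
    # A query matches when the name equals the bare namespace or ends with the suffix.
    foreach ($rule in Get-DnsClientNrptPolicy -Effective) {
        foreach ($ns in $rule.Namespace) {
            $bare = $ns.TrimStart('.')
            if ($Name -ieq $bare -or $Name.ToLower().EndsWith($ns.ToLower())) { return $rule }
        }
    }
    return $null
}

function Resolve-Via([string]$Name, [string[]]$Servers) {
    # Ask each listed server directly (-DnsOnly skips LLMNR/NetBIOS) and collect A records.
    if (-not $Servers) { return '(no servers)' }
    $answers = foreach ($s in $Servers) {
        Resolve-DnsName -Name $Name -Server $s -Type A -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress
    }
    if ($answers) { ($answers | Sort-Object -Unique) -join ', ' } else { '(no answer)' }
}

function Compare-DnsResolvers {
    param(
        [string]   $VpnInterfaceAlias = 'Corp VPN',                                   # assumption
        [string[]] $Names = @('fileserver.corp.example', 'www.autodesk.com')           # assumption
    )
    $local  = Get-LocalResolvers
    $tunnel = Get-TunnelResolvers $VpnInterfaceAlias

    foreach ($n in $Names) {
        $rule = Get-MatchingNrptRule $n
        [pscustomobject]@{
            Name         = $n
            NrptRule     = if ($rule) { ($rule.Namespace -join ',') + ' -> ' + ($rule.NameServers -join ',') }
                           else       { '(none: interface DNS servers)' }
            LocalAnswer  = Resolve-Via $n $local
            TunnelAnswer = Resolve-Via $n $tunnel
        }
    }
}

function Get-SmartNameResolutionPolicy {
    # Group Policy "Turn off smart multi-homed name resolution" writes this value;
    # 1 means parallel queries across all interfaces are turned off, absent means default.
    $p = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient' `
             -Name DisableSmartNameResolution -ErrorAction SilentlyContinue
    if ($p) { $p.DisableSmartNameResolution } else { 'not set' }
}

Compare-DnsResolvers | Format-Table -AutoSize
"DisableSmartNameResolution = $(Get-SmartNameResolutionPolicy)"
```

Run it once from the US client while connected to the EU VPN server: if the TunnelAnswer column for www.autodesk.com differs from LocalAnswer, the corporate resolver is being steered to EU endpoints, which matches the behaviour described above. The script does not capture what the stub resolver actually sends on the wire; to see which servers receive the live queries, take a packet capture on UDP/TCP port 53 on both interfaces while resolving the same names.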
