Add a "fallback" DNS server *after* DHCP sends DNS servers? (Windows 10 Enterprise)

Question

We have some old software running on our user workstations (running Windows 10 Enterprise) with a custom host/domain hardcoded into it. This used to point to an internal server that we've now moved to Azure. The software works fine if the user connects to our VPN and can access our on-prem DNS, but if they're off-prem, the custom host/domain obviously doesn't resolve.

We have a DNS server on the internet that we've added the entry to, but of course, the off-network workstations have no way of knowing to go to that DNS server in order to resolve our custom host/domain.

The usual solution to this seems to be to edit the 'hosts' file, but we're trying to avoid that.

Is it possible to either:

A) Hard-code a DNS server with a low priority that DHCP won't override? (Can Group Policy do this?) Usually DHCP provides 2 DNS Servers - it's fine if there's a delay in resolution from these 2 failing, but can we add a permanent DNS server entry with lower priority than what DHCP provides so that it will always be there?

B) Detect a DNS (or really, any) update via DHCP and then add a DNS server entry after receiving a list from DHCP (I'm thinking PowerShell here)

C) Some other solution we're not thinking of?

Answer 1

Hello NemWSchlecht

In most situations the VPN server should provide via DHCP the DNS Servers assigned to that scope, what you can try is to manually add the correct DNS server into the VPN Adapter in the Network Connections item of the Windows Settings.

On the other hand, the most reliable solution should to be add a static route in the HOSTS file if you need that specific routing only for 1 application.

--------------------------------------------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept as answer--