The dhcp and dns is coming off from our internal dhcp server (proteus/bluecat).

Also, I'm not doing any split tunneling.

If not doing split-tunneling, the client sends all IP traffic through the tunnel.

This means no DNS request can be sent through the Internet.

Question:

1. In the VPN server configuration, you are injecting the IP address of the DNS server it should use when connecting via VPN?

I'm not really talking about DHCP, my question is when the AnyConnect client connects via VPN it receives an IP address from a local pool of addresses or via DHCP? Is the VPN server configured to inject a DNS server to the client upon connection?

2. If you manually change the DNS server IP address (on the client) to the correct DNS server, it works fine?

Federico.

Hopefully if I give you the full details, it would be helpful.

Here's what we have on our dns suffix.

corp.company.com

newcompany.com

I try to resolve an entry ie.  me f  rom dos prompt, which resides in newcompany.com.  The dns server I have vpn client pointing to only holds zone for newcompany.com and forwards other to corp.company.com server.

So, once I'm connected and pings me, the capture shows following:

me.corp.company.com   standard query no such response    <----- coming from my primary dns server

then it tries to query me.corp.company.com to external ip address few times and then it goes back to dns server and resolves it.

Also, the ASA injects the correct DNS server.  If I manually puts in same DNS server.  I have the same issue.  Also, do you know why the my ISP default gateway gets blank out after I connect with vpn client.  I only see the ip address and mask but not the gateway when I do the ipconfig /all.  I do see correct ip/mask and gateway from internal.