Hi

I have a working anyconnect setup with anyconnect 4.7

I have the following setup: 

Main domain: domain-a.local

Secondary domain: domain-b.local

If I'm local on the network, everything works fine. If I'm connected with anyconnect, I can just resolve hosts on domain-a.local If I try to resolve a host in domain-b.local, I get Non-existent domain.

C:\Users\dfuhr>nslookup host-a
Server: dns-a.domain-a.local
Address: 172.17.xxx.xxx

Name: host-a.a.domain-a.local
Address: 172.17.xxx.xxx

C:\Users\dfuhr>nslookup host-a.domain-a.local
Server: dns-a.domain-a.local
Address: 172.17.xxx.xxx

Name: host-a.a.domain-a.local
Address: 172.17.xxx.xxx

C:\Users\dfuhr>nslookup host-b.domain-b.local
Server: dns-a.domain-a.local
Address: 172.17.xxx.xxx

*** dns-a.domain-a.local can't find host-b.domain-b.local: Non-existent domain

This happens on all zones, exept on the default zone.

If I'm internal on the network, everthing works fine:

C:\Users\admin>nslookup host-b.domain-b.local
Server: dns-a.domain-a.local
Address: 172.17.xxx.xxx

Name: host-b.domain-b.local
Address: 10.10.xxx.xxx

It doesn't seem to be a dns forward. If I capture internaly the dns request, I get the response from the dns server:

21:53:32.839898 IP 172.18.xxx.xxx.40277 > 172.17.xxx.xxx.53: 23056+ A? host-b.domain-b.local. (37)

21:53:32.840386 IP 172.18.xxx.xxx.40277 > 172.17.xxx.xxx.53: 23056+ A? host-b.domain-b.local. (37)

21:53:32.843756 IP 172.17.xxx.xxx.53 > 172.18.xxx.xxx.40277: 23056* 1/0/0 A 10.10.xxx.xxx (53)

21:53:32.844191 IP 172.17.xxx.xxx.53 > 172.18.xxx.xxx.40277: 23056* 1/0/0 A 10.10.xxx.xxx (53)

Thanks for any help.

Best Regards, 

Daniel