I have a Cisco ASA running with 8.x code. I have a user using a wireless CDMA card with Vista that VPNs into the network with the Cisco IPSec VPN client. I also have split tunneling enabled. When the user connects, they are assigned a DNS server that is the company's internal server. However, when I perform an NSLookup, I am somehow using the external DNS server.
access-list XYZ_VPN_splitTunnelAcl permit ip object-group Internal_Net any
vpngroup XYZ_VPN dns-server 172.16.xxx.11 172.16.xxx.10
vpngroup XYZ_VPN wins-server 172.16.xxx.10 172.16.xxx.11
vpngroup XYZ_VPN default-domain xyz.com
vpngroup XYZ_VPN split-tunnel XYZ_VPN_splitTunnelAcl
vpngroup XYZ_VPN split-dns xyz.com
From the Vista PC (IPConfig)
Connection-specific DNS Suffix . : xyz.com
DNS Servers . . . . . . . . . . . : 172.16.xxx.11
Default Server: ns1.kscymar06.spcsdns.net
So there is the DNS query going to a DNS server, bypassing their VPN. Next I changed the default DNS server to their DNS server.
> server 172.16.xxx.11
Default Server: [172.16.xxx.11]
Now DNS queries hit their DNS server. Here are the responses I received.
> nslookup www.google.com
Is this a Vista issue, a split tunneling issue, VPN Client issue, or something else?