In Windows 10, when connected to a VPN with Split Tunneling enabled (Gateway disabled), DNS resolution always uses the LAN DNS servers, ignoring the DNS servers and the DNS Suffix set on the VPN connection.
The expected behavior is to use the VPN’s DNS servers; otherwise it becomes impossible to resolve DNS entries on the remote network (such as domain computers).
This was working properly in previous versions of Windows.
I fixed this problem permanently by manually setting the metric of my LAN connection to a higher value than the metric of the VPN connection.
This can be done in two ways:
Through the GUI: Network connections > Properties > double click IPv4 > Advanced > Uncheck Automatic Metric > Enter 15 for interface metric > OK > OK.
Command line: netsh int ip set interface interface="LAN CONNECTION NAME" metric=15
The effect is immediate (at least when using the command line) and DNS lookups now go through my VPN as expected.
This works with Split Tunneling and is a permanent fix across reconnections and reboots.
Note for IPv6 users: you will also need to change the metric in your LAN IPv6 properties.
Depending on your environment, you may have a different default metric for your VPN connection. Simply adjust your LAN metric to a higher number than your VPN’s.
Note that you could also change the metric of the VPN instead of the LAN connection, but this wouldn’t be permanent as Windows resets the metric when the connection is established.
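
The same adjustment as a PowerShell script that reads the VPN's current metric and places the LAN metric above it for both IPv4 and IPv6. This is an added example, not part of the original post; the interface names and the margin are placeholder assumptions. Run it from an elevated prompt while the VPN is connected.

```powershell
# Added example: the aliases and margin below are placeholders (assumptions),
# replace them with the names shown by Get-NetIPInterface on your machine.
param(
    [string]$LanAlias = 'Ethernet',   # placeholder: your LAN connection name
    [string]$VpnAlias = 'My VPN',     # placeholder: your VPN connection name
    [int]$Margin = 10                 # how far above the VPN metric to place the LAN
)

foreach ($family in 'IPv4', 'IPv6') {
    $vpn = Get-NetIPInterface -InterfaceAlias $VpnAlias -AddressFamily $family -ErrorAction SilentlyContinue
    $lan = Get-NetIPInterface -InterfaceAlias $LanAlias -AddressFamily $family -ErrorAction SilentlyContinue

    # The VPN interface only reports a usable metric while it is connected.
    if (-not $vpn -or -not $lan) {
        Write-Warning "${family}: interface not found (is the VPN connected?); skipping."
        continue
    }

    # Nothing to do if the LAN metric is already fixed (not automatic) and higher.
    if ($lan.AutomaticMetric -eq 'Disabled' -and $lan.InterfaceMetric -gt $vpn.InterfaceMetric) {
        Write-Output "${family}: LAN metric $($lan.InterfaceMetric) is already above VPN metric $($vpn.InterfaceMetric)."
        continue
    }

    # Equivalent of unchecking "Automatic metric" and entering a value in the GUI.
    $target = $vpn.InterfaceMetric + $Margin
    Set-NetIPInterface -InterfaceAlias $LanAlias -AddressFamily $family `
        -AutomaticMetric Disabled -InterfaceMetric $target
    Write-Output "${family}: LAN metric set to $target (VPN metric is $($vpn.InterfaceMetric))."
}

# Show the resulting order; the lower metric is preferred.
Get-NetIPInterface -InterfaceAlias $LanAlias, $VpnAlias -ErrorAction SilentlyContinue |
    Sort-Object AddressFamily, InterfaceMetric |
    Format-Table InterfaceAlias, AddressFamily, InterfaceMetric, AutomaticMetric

# Show which DNS servers each interface carries, to confirm the VPN's are present.
Get-DnsClientServerAddress -InterfaceAlias $LanAlias, $VpnAlias -ErrorAction SilentlyContinue |
    Format-Table InterfaceAlias, AddressFamily, ServerAddresses
```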