We’ve got Azure VPN client deployed for around 120 users in my organization and over the past several months we’re experiencing DNS timeouts while connected, which resolve within 5-7 seconds on most sites. It’s become quite an annoyance and I have yet to pin this one down.
I’m able to reproduce the issue by connecting to the VPN using the client, flushing the DNS cache, and simply pinging microsoft.com. While off the VPN the issue does not occur.
OpenVPN (SSL) - P2S connection. High performance Virtual Network Gateway.
Forwarders in Azure are set to 1.1.1.1, 8.8.8.8, but that shouldn’t matter as this is split tunnel, unless I’m misunderstanding.
Has anyone else experienced this and know a potential fix?
Update: No resolution to this yet. We engaged MS Premier Support who has had this case for two months.
I worked with three technicians on a call where we captured Wireshark logs, verified the routes looked good for anything destined for the internet, and Microsoft was unable to determine the cause.
We’re seeing slowness in resolution or DNS timeouts for ANY site on the internet while connected to the Azure VPN, consistently.
Microsoft’s networking team has asked for Wireshark logs off of our DNS servers in our VNET and further logging from client devices.
Update: No resolution to this yet. Microsoft is recommending I implement a NAT Gateway in Azure now. Apparently the Azure VPN isn’t split tunnel after all and traffic destined for the internet goes out the Azure gateway/VNET? More questions than answers on this issue at this point.