Specific Windows DNS Client routing with Powershell

Recently I ran into an issue accessing internal company websites while connected to the corporate VPN. It turns out that Windows has its own ideas about network connections (wired/wireless) and the interface metrics of VPN adapters.

The internal website only became reachable after lowering the interface metric on the VPN adapter to a value below 5. The reason is that the Ethernet adapter had a lower metric than the VPN adapter, so Windows preferred the Ethernet adapter's DNS servers, which know nothing about the internal names.
Changing the metric on the VPN adapter helped, but the VPN config is maintained by our IT department, and they (you already guessed it) may change settings and/or reset them to the intended defaults at any time.

By accident I ran into a more permanent solution by invoking the powers of PowerShell. The Windows DNS Client keeps a Name Resolution Policy Table (NRPT), and with it you can direct DNS queries for specific hosts and/or domains to specific DNS servers, independent of which adapter has the lowest metric.

Start PowerShell with local admin rights.

Add-DnsClientNrptRule -DisplayName "My DNS Override"  -Namespace "<FQDN/domain>" -NameServers "DNSSERVER#1","DNSSERVER#2"

The Namespace decides what the rule matches: a name with a leading dot (e.g. ".corp.example.com") matches every name under that domain, while a bare FQDN (e.g. "intranet.corp.example.com") matches only that host. NameServers takes the IP addresses of the DNS servers to use for that namespace; the minimum required number of DNS servers is 1.

This setting is stored in the registry and survives reboots, so it's pretty permanent. Note that local NRPT rules only take effect when no NRPT is pushed through Group Policy; if IT configures the NRPT via GPO, the local rule is ignored.

Checking the current DNS Client NRPT rules (also a useful thing to audit, since anyone with local admin rights can use the same mechanism to silently redirect name resolution for chosen domains):

Get-DnsClientNrptRule | more

Find the entry with the DisplayName you gave when creating the override.
If you want to remove the entry you created, you need the Name of the rule. This is a GUID between curly brackets (e.g. {E5FA72F5-5575-4C15-9A2C-5F2D7B59845F}).

Remove-DnsClientNrptRule -Name "{E5FA72F5-5575-4C15-9A2C-5F2D7B59845F}"

Unfortunately, Remove-DnsClientNrptRule does not accept the DisplayName (which is more user-friendly/readable), only the GUID Name.
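The whole procedure above in one script, as an added example that is not part of the original post. It assumes an internal domain of corp.example.com, corporate DNS servers at 10.10.0.10 and 10.10.0.11, and a test host intranet.corp.example.com; all three are placeholders. It also shows how to get around the GUID-only removal by piping the matching rule object into Remove-DnsClientNrptRule. Run it from an elevated PowerShell session.

```powershell
# Added example, not code from the original post.
# Assumed placeholders: the internal domain, the DNS server IPs and the test host.
$displayName = "My DNS Override"
$namespace   = ".corp.example.com"             # leading dot: match everything under the domain
$nameServers = @("10.10.0.10", "10.10.0.11")    # corporate DNS servers (assumed)
$testHost    = "intranet.corp.example.com"      # a name that only the corporate DNS knows (assumed)

# 1. Create the rule, but only if one with this DisplayName does not already exist,
#    so re-running the script does not pile up duplicate rules.
$existing = Get-DnsClientNrptRule | Where-Object { $_.DisplayName -eq $displayName }
if (-not $existing) {
    Add-DnsClientNrptRule -DisplayName $displayName -Namespace $namespace -NameServers $nameServers
}

# 2. Show the rule that is now in place, including the GUID in its Name property.
Get-DnsClientNrptRule |
    Where-Object { $_.DisplayName -eq $displayName } |
    Select-Object Name, DisplayName, Namespace, NameServers

# 3. Confirm the effective policy for the namespace and resolve a test name.
#    With the rule active, the query for $testHost goes to the corporate servers
#    regardless of which adapter has the lowest interface metric.
Get-DnsClientNrptPolicy | Where-Object { $_.Namespace -eq $namespace }
Resolve-DnsName -Name $testHost -Type A

# 4. Remove the rule by DisplayName without copying the GUID by hand:
#    pipe the matching rule object(s) into Remove-DnsClientNrptRule.
#    Leave this step out if you want to keep the override.
Get-DnsClientNrptRule |
    Where-Object { $_.DisplayName -eq $displayName } |
    Remove-DnsClientNrptRule -Force
```

The pipeline in step 4 is the practical answer to the GUID problem: Get-DnsClientNrptRule returns rule objects that Remove-DnsClientNrptRule accepts from the pipeline, so you filter on the readable DisplayName and never have to type the Name. Keep the DisplayName unique for the same reason, since the filter removes every rule that matches it.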

Posted on August 1, 2022 and filed under Operating Systems, Tips'n Tricks.