Hola Meraki Community!
I'm upgrading a remote site from a Barracuda firewall to an MX64. Now, this site currently has a "DNS Service" install on the Barracuda to split DNS. This remote site has its PCs domain joined (hence the current setup). On the MX how am I able to do this (if necessary) to have normal internet requests go through ISP DNS, and only AD requests through the VPN tunnel?
You can't do this on Meraki.
What would be "best practice" then so users can authenticate? I typically set up IPsec tunnels, but don't want ALL their traffic flowing through the VPN.
Thanks for the image. My only issue here is our corporate firewall is not Meraki, it's Barracuda. So when I select Spoke, I have no option of manually creating the hub. Under Organization-Wide Settings I do have the Non Meraki Peer created.
@jdsilva is correct. You should direct all your DNS requests to the AD servers. The actual web browsing and the like will still go out the local circuit.
So for the subnet that requires this, manually set the DNS to our AD Servers under the DHCP settings of that subnet, correct?
Thanks for all the help everyone!