Hola Meraki Community!
I'm upgrading a remote site from a Barracuda firewall to an MX64. Now, this site currently has a "DNS Service" install on the Barracuda to split DNS. This remote site has it's PCs domain joined (hence the current setup). On the MX how am I able to do this (if necessary) to have normal internet requests go through ISP DNS, and only AD requests through the VPN tunnel?
What would be "best practice" then so users can authenticate? I typically setup IPsec tunnels, but don't want ALL their traffic flowing through the VPN.
Thanks for the image. My only issue here is our corporate firewall is not Meraki, it's Barracuda. So when I select Spoke, I have no option of manually creating the hub. Under Organization-Wide Settings I do have the Non Meraki Peer created.
@jdsilva is correct. You should direct all your DNS requests to the AD servers. The actual web browsing and the like will still go out the local circuit.