Hello everyone,
We are looking to deploy the Remote Access Always on VPN infrastructure, but have found a pre-requisite regarding DNS zones for external and internal. The documentation (https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy) states the following:
- Active Directory domain infrastructure, including one or more Domain Name System (DNS) servers. Both internal and external Domain Name System (DNS) zones are required, which assumes that the internal zone is a delegated subdomain of the external zone (for example, corp.contoso.com and contoso.com).
We have matching internal and external domain names, however our internal was created before our external was. Is anyone aware if this is a hard requirement for Always on VPN? If not, what are the disadvantages of this approach? We haven't investigated if we'll need to transition to this dns model, but it certainly sounds like a bit of work.