On Windows Vista, if split-tunneling is disabled with Network Connect, I have found that DNS requests still get sent to the local ISP (or local LAN) DNS servers. These requests will timeout since split tunneling is disabled and the ISP's DNS servers are not accessible.
This causes delays in IP resolution when the user is trying to use a short name instead of the fully qualified domain name which is typical of most end users when accessing file shares.
Also it explicitly states in the admin guide that the expected behavior is this: "If you disable split-tunneling, all DNS requests go to the IVEÕs DNS server and your setting for the DNS search order preference does not apply." (pg. 609)
JTAC claims this is a Vista problem, but I am skeptical. Has anyone else seen this problem?
We are using 6.3R2 and tested this on Vista SP1
I encountered a similar problem with the Juniper VPN client and Cisco IP Communicator (CIPC). DNS resolution didn't work on the lan interface, but worked on the wireless interface with the VPN client. If we uninstalled CIPC, the VPN client work fine.
IPv6 was disable on the Vista SP1 computer. I uninstalled the client Juniper and CPIC, reactivated IPv6 and restarted. Then, I reinstalled the Juniper VPN client and CIPC, after that everything work fine.
We encountered this issue with 6.3r3 and 6.4r1.