
How to setup VPN DNS to resolve in independent LANs?

I have two deliberately independent LANs each with their own address space, DHCP and DNS servers.  It all works, each LAN can contact the WAN but not the other LAN.

SSL VPN is set up so that Users are assigned to one of two Groups: LAN-A or LAN-B, and can only access resources in their assigned LAN.  This all works.

Resolution of hostnames in each LAN by VPN users is the issue.  There are only global settings for SSL VPN having two fields for DNS server.  I put the LAN A DNS server as primary and the LAN B DNS server as secondary.  LAN A VPN users can resolve LAN A hostnames, but LAN B VPN users cannot resolve LAN B hostnames.  Does a DNS request not failover from the primary to the secondary DNS server?  Who knows what could be done to accommodate three or more independent LANs - there are seven ports to use.

Is there an approach that will let VPN users assigned to both LANs resolve the hostnames in their assigned LAN by accessing the DNS server in that LAN?



  • Hi Dean,

    Currently it is not possible to assign DNS servers on a per-profile basis.

    As a workaround I suggest the following:

    Instead of assigning the internal DNS servers to your VPN users, you could configure them to use the XG Firewall as their DNS server.

    If you configure request routing in the XG DNS server to have the DNS suffix of LAN-A routed to LAN-A's DNS server and the DNS suffix of LAN-B routed to LAN-B's DNS server, then your VPN users will be able to resolve fully qualified domain names of their LAN segment.

    Please be aware that a user from LAN-A would be able to resolve (resolve, not access) DNS names from LAN-B as long as he guesses the correct suffix.

    Yours, Lukas

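The following is an added example, not code from the thread or from Sophos; it models the two setups discussed above with constructed zone data, names and addresses. It shows why the global primary/secondary setting fails for LAN-B names (a typical stub resolver only moves to the secondary when the primary does not respond; a negative answer is final) and how suffix-based request routing on the firewall fixes it, including the caveat that a LAN-A user can still resolve LAN-B names.

```python
# Added example (not from the thread or from Sophos): models the two DNS
# setups discussed above. All names, addresses and zone data are constructed.
TIMEOUT = object()  # marker: the server did not answer at all

# Each independent LAN runs its own DNS server that knows only its own zone.
# Looking up a name it does not know yields None, standing in for NXDOMAIN.
LAN_A_ZONE = {"files.lan-a.example": "10.1.0.20"}
LAN_B_ZONE = {"files.lan-b.example": "10.2.0.20"}

def lan_a_dns(qname): return LAN_A_ZONE.get(qname)
def lan_b_dns(qname): return LAN_B_ZONE.get(qname)
def public_dns(qname): return None  # placeholder for the WAN resolver

def stub_resolver(qname, servers):
    """Typical client behaviour: servers are tried in order and the next one is
    consulted only when the current one does not respond. A negative answer
    (NXDOMAIN) from the primary is final, so a LAN-B name asked of the LAN-A
    server never fails over to the LAN-B server."""
    qname = qname.rstrip(".").lower()
    for server in servers:
        answer = server(qname)
        if answer is TIMEOUT:
            continue
        return answer
    return TIMEOUT

def make_request_router(routes, default):
    """Suffix-based request routing as in the answer: the firewall is the
    clients' DNS server and forwards each query to the upstream whose suffix
    matches on a label boundary, preferring the longest matching suffix."""
    def forward(qname):
        best = None
        for suffix, upstream in routes.items():
            suffix = suffix.rstrip(".").lower()
            if (qname == suffix or qname.endswith("." + suffix)) and \
               (best is None or len(suffix) > len(best[0])):
                best = (suffix, upstream)
        return (best[1] if best else default)(qname)
    return forward

xg_dns = make_request_router(
    {"lan-a.example": lan_a_dns, "lan-b.example": lan_b_dns}, public_dns)

# Global SSL VPN setting from the question: LAN A DNS primary, LAN B DNS secondary.
def global_setting(qname): return stub_resolver(qname, [lan_a_dns, lan_b_dns])
# Workaround from the answer: VPN clients use the firewall as their only DNS server.
def workaround(qname): return stub_resolver(qname, [xg_dns])

if __name__ == "__main__":
    print(global_setting("files.lan-b.example"))  # None: NXDOMAIN from LAN A, no failover
    print(workaround("files.lan-b.example"))      # 10.2.0.20 via request routing
    print(workaround("files.lan-a.example"))      # 10.1.0.20, also for a LAN-B user (caveat)
```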