I have a multi site customer on a virtual MPLS. The firewall is also set to Implicitley deny all incoming & outgoing traffic. The corporate office has a windows DNS server & all the other sites use the windows server for their DNS. My problem is when the onsite tech does an ipconfig /all to check his DNS server on their network he sees the firewalls gateway IP address (192.168.20.1) rather than remote DNS server (192.169.100.254) I have tcp/udp 53 opened for DNS to his laptop but I have to disable the Implicit Deny on the LAN side firewall rule for the windows DNS server to show as his primary and for him to resolve hostnames. What should I do?