We have a site-to-site VPN, with split tunneling, between a branch office and headquarters. The VPN is used to extend the Active Directory (AD) infrastructure to the branch office. The split tunneling ensures that only AD and DNS traffic from the branch office goes through the VPN. All other traffic, such as web traffic, does not go through the VPN. The DHCP pool on the branch office router is configured as follows:
ip dhcp pool client
 dns-server AD_DNS1 AD_DNS2 ISP_DNS1 ISP_DNS2
When the VPN is up, client computers at the branch office use the Active Directory DNS servers. When the VPN goes down, client computers use the ISP's DNS. From the users' point of view, everything is fine. This all happens automatically.
Let's say we do not want to use split tunneling anymore. Is there a way to configure the branch office router such that all traffic flows through the VPN when the VPN is up, and all traffic goes through the ISP when the VPN is down?
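As an added example (not part of the original post, and not the poster's configuration), one common way to get this behaviour on a Cisco IOS branch router is a route-based VPN (an IPsec VTI, assumed here to be Tunnel0) combined with IP SLA reachability tracking and a floating static default route. The tracked default route points into the tunnel while a probe through the tunnel succeeds; when the probe fails, that route is withdrawn and a higher-administrative-distance default route toward the ISP takes over. Every address below is a placeholder assumption: 10.255.0.1 for the headquarters end of the tunnel, 198.51.100.10 for the headquarters VPN peer's public address, and 203.0.113.1 for the ISP next hop.

```cisco
! Added example, not from the original post. Assumes a route-based IPsec VTI
! (Tunnel0) terminating at headquarters; all addresses are placeholders.
!
! The VPN peer's public address must always be reached via the ISP, never via
! the tunnel, or the IPsec traffic itself would be routed into the tunnel
! (recursive routing) once the default route points at Tunnel0.
ip route 198.51.100.10 255.255.255.255 203.0.113.1
!
! Probe the headquarters end of the tunnel through the tunnel itself, so the
! probe only succeeds while the VPN is actually passing traffic.
ip sla 1
 icmp-echo 10.255.0.1 source-interface Tunnel0
 frequency 10
ip sla schedule 1 life forever start-time now
!
! Hold the track down for 30 s and up for 10 s before switching, to avoid
! flapping the default route on a single lost probe.
track 1 ip sla 1 reachability
 delay down 30 up 10
!
! Preferred default route into the tunnel; it is removed from the routing
! table whenever track 1 is down.
ip route 0.0.0.0 0.0.0.0 Tunnel0 track 1
!
! Floating default route toward the ISP with administrative distance 250;
! it is only installed while the tracked route is absent.
ip route 0.0.0.0 0.0.0.0 203.0.113.1 250
```

Two things to check when applying this pattern. First, with the default route in the tunnel, the branch's Internet-bound traffic now exits at headquarters, so the headquarters side must route and NAT it; the branch router's own NAT on the ISP-facing interface will only apply in the fallback case, because traffic leaves through that interface only when the floating route is active. Second, if the existing VPN is policy-based (a crypto map with an "interesting traffic" ACL) rather than a VTI, the ACL must be widened to match all traffic from the branch subnet, and the reachability probe still needs a target that is only answerable across the VPN, otherwise the track can stay up while the tunnel is down.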