For some reason, the DNS servers for the connecting VPN client do not get used, and this caused problems, especially as the internal AD domain suffix was split-brain DNS and was getting resolved externally first.
After trying various things, including registry hacks, removing IPv6, etc., I found out that it worked fine as long as I specified a default DNS server and used a named connection suffix.
The downside is that this is useless, as I wanted to leverage DHCP wherever I may be, and hard-coding DNS servers would become a problem when roaming between internal and external networks.
I finally found that all I had to do was change the metric on the network interface. For both IPv4 AND IPv6, remove the automatic metric and set it to 100. After this, no problems.
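The metric change described above, as an added PowerShell example (not the author's own commands): it turns off the automatic metric and sets a fixed one for both address families on one adapter, then shows each interface's metric beside its DNS servers before and after. The post does not say which adapter was changed, so the alias is a required parameter, and the script file name in the usage comment is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Usage (hypothetical file name):
#   .\Set-FixedMetric.ps1 -InterfaceAlias '<adapter alias>'
param(
    # Assumption: the post does not name the adapter, so the caller supplies it.
    [Parameter(Mandatory)][string]$InterfaceAlias,
    # 100 is the value used in the post.
    [ValidateRange(1, 9999)][int]$Metric = 100
)

function Get-MetricReport {
    # One row per interface and address family, lowest metric first,
    # with the DNS servers configured on that interface.
    Get-NetIPInterface | Sort-Object InterfaceMetric | ForEach-Object {
        $family = "$($_.AddressFamily)"
        $dns = Get-DnsClientServerAddress -InterfaceIndex $_.ifIndex `
                   -AddressFamily $family -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Alias           = $_.InterfaceAlias
            Family          = $family
            AutomaticMetric = $_.AutomaticMetric
            Metric          = $_.InterfaceMetric
            DnsServers      = ($dns.ServerAddresses -join ', ')
        }
    }
}

Write-Output 'Before:'
Get-MetricReport | Format-Table -AutoSize

foreach ($family in 'IPv4', 'IPv6') {
    # IPv6 may be unbound on the adapter (for example after disabling it
    # while troubleshooting); skip that family instead of failing.
    $bound = Get-NetIPInterface -InterfaceAlias $InterfaceAlias `
                 -AddressFamily $family -ErrorAction SilentlyContinue
    if (-not $bound) {
        Write-Warning "$family is not bound on '$InterfaceAlias'; skipped."
        continue
    }
    Set-NetIPInterface -InterfaceAlias $InterfaceAlias -AddressFamily $family `
        -AutomaticMetric Disabled -InterfaceMetric $Metric
}

Write-Output 'After:'
Get-MetricReport | Format-Table -AutoSize
```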