Conversely, if I am NOT connected to the VPN, I can successfully resolve google.com (however, not any internal network names).
It appears that the com.docker.slirp.exe proxy process is intercepting the DNS queries successfully but instead of sending them through the AnyConnect interface, it is attempting to forward the query directly to my corporate network's DNS server (probably the default on the interface), which doesn't allow external domains to be resolved.
[12:57:52.243][VpnKit ][Debug ] com.docker.slirp.exe: DNS[c968] 192.168.65.2:40099 -> 192.168.65.1 c968 Query:0 na:c:r:rn 0 <qs:google.com. <A|IN>> <an:> <au:> <ad:>
[12:57:52.244][VpnKit ][Debug ] com.docker.slirp.exe: DNS[c968] 192.168.65.2:40099 -> 192.168.65.3 c968 Query:0 na:c:r:rn 0 <qs:google.com. <A|IN>> <an:> <au:> <ad:>
[12:57:52.244][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 -> 192.168.65.1 cd50 Query:0 na:c:r:rn 0 <qs:google.com. <AAAA|IN>> <an:> <au:> <ad:>
[12:57:52.244][ApiProxy ][Info ] Handle DNS query ;; opcode: QUERY, status: NOERROR, id: 51560 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
A
[12:57:52.245][ApiProxy ][Info ] Search for dns server...
[12:57:52.245][VpnKit ][Error ] com.docker.slirp.exe: Error reading /etc/resolv.conf: reading /etc/resolv.conf: Uwt.Uwt_error(Uwt.ENOENT, "uv_fs_open", "/etc/resolv.conf")
[12:57:52.247][ApiProxy ][Info ] Handle DNS query ;; opcode: QUERY, status: NOERROR, id: 52560 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
AAAA
[12:57:52.248][VpnKit ][Debug ] com.docker.slirp.exe: DNS[c968] Forwarding to 10.0.75.1 (secondary(wrapped))
[12:57:52.249][VpnKit ][Debug ] com.docker.slirp.exe: Socket.Datagram.input 192.168.65.2:40099-10.0.75.1:53 (DNS[c968]): creating UDP NAT rule
[12:57:52.249][ApiProxy ][Info ] Handle DNS query ;; opcode: QUERY, status: NOERROR, id: 51560 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
A
[12:57:52.250][VpnKit ][Error ] com.docker.slirp.exe: Error reading /etc/resolv.conf: reading /etc/resolv.conf: Uwt.Uwt_error(Uwt.ENOENT, "uv_fs_open", "/etc/resolv.conf")
[12:57:52.250][ApiProxy ][Info ] Handle DNS query ;; opcode: QUERY, status: NOERROR, id: 52560 ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
AAAA
[12:57:52.250][VpnKit ][Debug ] com.docker.slirp.exe: DNS[c968] Forwarding to 10.0.75.1 (primary(sole))
[12:57:52.252][VpnKit ][Error ] com.docker.slirp.exe: Error reading /etc/resolv.conf: reading /etc/resolv.conf: Uwt.Uwt_error(Uwt.ENOENT, "uv_fs_open", "/etc/resolv.conf")
[12:57:52.252][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] Forwarding to 10.0.75.1 (primary(sole))
[12:57:52.253][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 -> 192.168.65.3 cd50 Query:0 na:c:r:rn 0 <qs:google.com. <AAAA|IN>> <an:> <au:> <ad:>
[12:57:52.253][VpnKit ][Error ] com.docker.slirp.exe: Error reading /etc/resolv.conf: reading /etc/resolv.conf: Uwt.Uwt_error(Uwt.ENOENT, "uv_fs_open", "/etc/resolv.conf")
[12:57:52.254][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] Forwarding to 10.0.75.1 (secondary(wrapped))
[12:57:54.233][ApiProxy ][Info ] Server: hqdc1.hq.practicefusion.com
[12:57:54.234][ApiProxy ][Info ] Address: 10.17.14.11
[12:57:54.234][ApiProxy ][Info ]
[12:57:54.235][ApiProxy ][Info ]
[12:57:54.236][ApiProxy ][Info ] Found dns server 10.17.14.11
[12:57:54.237][ApiProxy ][Info ] Forward DNS query on udp to 10.17.14.11:53
[12:57:54.237][ApiProxy ][Info ] Forward DNS query on udp to 10.17.14.11:53
[12:57:54.238][ApiProxy ][Info ] Forward DNS query on udp to 10.17.14.11:53
[12:57:54.239][ApiProxy ][Info ] Forward DNS query on udp to 10.17.14.11:53
[12:57:54.240][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 <- secondary(wrapped) (c968 Response:0 na:c:r:rn 3 <qs:google.com. <A|IN>> <an:> <au:> <ad:>)
[12:57:54.240][ApiProxy ][Info ] Got response ;; opcode: QUERY, status: NXDOMAIN, id: 51560 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
A
[12:57:54.241][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 <- secondary(wrapped) (cd50 Response:0 na:c:r:rn 3 <qs:google.com. <AAAA|IN>> <an:> <au:> <ad:>)
[12:57:54.242][ApiProxy ][Info ] Got response ;; opcode: QUERY, status: NXDOMAIN, id: 52560 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
AAAA
[12:57:54.242][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 <- secondary(wrapped) (cd50 Response:0 na:c:r:rn 3 <qs:google.com. <AAAA|IN>> <an:> <au:> <ad:>)
[12:57:54.246][ApiProxy ][Info ] Got response ;; opcode: QUERY, status: NXDOMAIN, id: 52560 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
AAAA
[12:57:54.247][ApiProxy ][Info ] Got response ;; opcode: QUERY, status: NXDOMAIN, id: 51560 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN
A
[12:57:54.247][VpnKit ][Info ] ICMP Destination Unreachable: Destination port unreachable
[12:57:54.246][VpnKit ][Debug ] com.docker.slirp.exe: DNS[cd50] 192.168.65.2:40099 <- secondary(wrapped) (c968 Response:0 na:c:r:rn 3 <qs:google.com. <A|IN>> <an:> <au:> <ad:>)
[12:57:54.248][VpnKit ][Info ] ICMP Destination Unreachable: Destination port unreachable
[12:57:57.250][VpnKit ][Debug ] com.docker.slirp.exe: ARP responding to: who-has 192.168.65.1?
[12:57:57.251][VpnKit ][Debug ] com.docker.slirp.exe: ARP responding to: who-has 192.168.65.3?