I have a remote site that connects to Main Office via IPSec IKEV2 VPN.
The VPN connection is working fine, but I am struggling with DNS forwarding.

The remote site previously had a Vigor 2860 router and DNS Forwarding worked fine.
The 2860 has been swapped for a 3900 and this is where the DNS forwarding has stopped.

The Main Office has a DNS server on say 10.0.1.2 and a local domain say mainoffice.local

On the 3900 I have gone to LAN > LAN DNS and created a profile for MainOffice.
I have added the domain name mainoffice.local (I have also tried *.mainoffice.local )
I have set the "Type" to FORWARD
I have set the DNS server to 10.0.1.2
I have set Apply to: "All LANS"

I can ping 10.0.1.2
and I can ping 10.0.1.3 (one of the servers on the mainoffice.local site)

However I cannot ping SERVER1.mainoffice.local or mainoffice.local.

I have enabled "DNS Redirection" in the LAN Profile.

Are there any other settings that could be blocking the DNS Forward?
This all worked without any problems on the 2860.

the 3900 is hardware V2, Firmware 1.4.4.

Any help much appreciated.

Thanks,
Mark