Apple iOS Devices can no longer access .local domain over VPN

by Ed Sparks

Apple's software quality slide continues with this recent bug, which has existed in all versions of iOS 8 and is thus far unacknowledged. It appears to be related to the rewrite of much of the network stack in current versions of iOS and OS X.

While this worked in older versions of iOS (up to and including iOS 7), starting with recent versions, if a VPN connection is established into a corporate LAN, and that LAN uses the (very common) .local domain for its internal DNS, name resolution fails completely. iPhones and iPads can therefore no longer access any of the sites or applications that rely on internal name resolution. It appears to be purely a code bug that causes the DNS resolver on iOS to ignore the recursive responses for .local requests entirely.

An extensive thread on Apple's support forums discusses this issue, with the usual crickets response from Cupertino.

The workaround that we've successfully implemented on several of our customer sites is to add a dummy DNS zone specifically for the "local" root zone.

For example, if the internal DNS (AD) name is myclient.local, a forward lookup zone will already exist for myclient.local. For resolution to work correctly on iOS, add a forward lookup zone for local. You can accept all the defaults when creating it; in most cases it will be AD-integrated. Then, below this new zone, add a domain (subdomain) for myclient. It is worthwhile to add name server records into this new zone, and in some cases (depending on the internal application) it may be necessary to add host or CNAME records under the new zone/domain as well.
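The same zone changes scripted with the Windows DnsServer module, as an added example that is not part of the original post. It assumes an elevated session on a domain controller that already hosts myclient.local; the zone names, the 10.0.0.10 address and the intranet/mail record names are placeholders.

```powershell
# Added example: create the dummy "local" parent zone, add the myclient node
# with NS records copied from the real zone, optionally add host records, and
# verify the server now answers authoritatively for "local".
Import-Module DnsServer

$InternalZone = 'myclient.local'   # existing AD-integrated zone (placeholder name)
$RootZone     = 'local'            # new dummy zone for the .local root
$SubDomain    = 'myclient'         # "domain" node created under the new zone
$DnsServer    = $env:COMPUTERNAME  # run the checks against this server

# 1. Forward lookup zone for "local", with the GUI defaults (AD-integrated,
#    domain replication scope, secure dynamic updates). Idempotent.
if (-not (Get-DnsServerZone -Name $RootZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $RootZone -ReplicationScope 'Domain' -DynamicUpdate 'Secure'
}

# 2. Name server records for the myclient node, copied from the apex NS records
#    of the real zone so the node points at the same servers.
$ApexNs = Get-DnsServerResourceRecord -ZoneName $InternalZone -Name '@' -RRType NS
foreach ($ns in $ApexNs) {
    Add-DnsServerResourceRecord -ZoneName $RootZone -Name $SubDomain -NS `
        -NameServer $ns.RecordData.NameServer -ErrorAction SilentlyContinue
}

# 3. Only where an internal application needs them: host/CNAME records under
#    the node. Placeholder address and names; the real records live in
#    $InternalZone, so keep these in sync if you add them.
Add-DnsServerResourceRecordA     -ZoneName $RootZone -Name "intranet.$SubDomain" -IPv4Address '10.0.0.10'
Add-DnsServerResourceRecordCName -ZoneName $RootZone -Name "mail.$SubDomain" -HostNameAlias "exchange.$InternalZone"

# 4. Checks: the server should now return an SOA for "local" instead of
#    NXDOMAIN, and the existing internal names must still resolve.
Resolve-DnsName -Name $RootZone -Type SOA -Server $DnsServer
Resolve-DnsName -Name "intranet.$InternalZone" -Type A -Server $DnsServer
```

Re-test from an iOS 8 device over the VPN after the change, since the server-side checks only confirm the zone is in place.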

As usual, let's hope Apple eventually gets around to fixing this one.