To send queries for the company internal (sub)-domains to the company DNS resolvers behind the VPN, the resolver can be configured with the following commands:
# Configure internal corporate domain name resolvers:
resolvectl dns tun0 192.0.2.53 192.0.2.54
# Only use the internal corporate resolvers for domain names under these:
resolvectl domain tun0 "~example.com"
# Not super nice, but might be needed:
resolvectl dnssec tun0 off
[via]https://www.gabriel.urdhr.fr/2020/03/17/systemd-revolved-dns-configuration-for-vpn/[/via]