The current runtime routing config looks fine, so let’s try to find resolvers:
DOMAIN="target.domain"; for IP in 192.168.{70..71}.{0..255}; \
do nslookup -timeout=1 ${DOMAIN} ${IP} &> /dev/null && echo ${IP}; done
In addition, check the OpenConnect service log, perhaps resolvers are pushed by the VPN server.