using Client VPN endpoints with split tunnels- can't resolve hosted zone addresses using Route 53

Hi,

I've configures Client VPN endpoints with:

• split-tunnel enabled,
• DNS servers enables with the VPC CIDR +2 (Route53)
• Authorization Rules - the destination CIDR is my VPC CIDR + access all = true
• Route Table - the destination CIDR is my VPC CIDR, type=nat , origin = associate

in this status i can get an ec2 with its private IPv4 but not the corresponding A record in the hosted zone.

can't figure this out, thanks in advance. Shay