Network Address Translation or NAT is frequently used in corporate networks. It allows network owners and administrators to:

  • descrease the amount of static IPs,
  • secure local networks,
  • prevent unwanted external access to the local hosts,
  • hide the entire internal network’s structure.

NAT DNS is a new SafeDNS service feature designed to apply different filtering policies to different networking hardware (routers, gateways, etc.) behind NAT with one public IP.

NB! Your networking hardware should be set up according to the SafeDNS instructions.

An example of NAT DNS usage in a corporate network

NAT DNS set up:

1. Enter Dashboard -> Settings and assign Public IP of a NAT device to one of the existing filtering profiles (to use NAT DNS you must have more than 2 profiles).

2. Manually or via DHCP set up the target DNSes on the end devices (routers or gateways behind NAT).

List of target DNSes:

3. In the Dashboard -> Settings, scroll down to the bottom, and assign policies to the Target IPs (one IP - one policy). Click on the green checkmark to apply settings. 

4. After that all devices behind NAT will be filtered by the chosen rules.

5. All Stats data can be shown on a certain Profile’s Stats tab.

NB! This feature works only on networks behind NAT. If you use a proxy server, the NAT DNS filtering option doesn’t work, because in that case proxy server’s settings will be applied.