Enclave Gateway and SafeDNS Filtering

Enclave Gateway can be configured to pass DNS queries to the SafeDNS service, providing simple to deploy DNS filtering.

Perquisites

• Your Enclave Gateway will need to be running on a static IP address. In this example, the Enclave Gateway is running on a DigitalOcean server with the public IP address of 46.101.56.236.

Setup

1. Login to your SafeDNS account dashboard and navigate to Settings > Devices and add the public static IP address of your Enclave Gateway (e.g. 46.101.56.236) to the "IP addresses" list, as shown below.

   

   Note the SafeDNS IPv4 DNS addresses nameservers allocated to your account. In this example the SafeDNS nameservers are 195.46.39.39 and 195.46.39.40

   ---

2. Login to your Enclave Gateway and use the set-config CLI command to configured enclave forward DNS queries to the SafeDNS nameservers:

   $ enclave set-config gateway-dns-upstream-servers 195.46.39.39, 195.46.39.40
   

   Be sure to replace the nameservers in this example with those from your SafeDNS account. Once applied, restart Enclave.

   $ enclave restart
   

   ---

3. Setup Enclave policies to route via traffic, DNS queries, or both via your Gateway(s). Once configured, SafeDNS will start to provide basic reports. Note that at the time of writing, statistics and detailed about blocked domains are only available on the Pro plan.

   

---

Last updated October 23, 2024