We recently swapped a cheap RV042 with a SA520W, doing NAT overload for the office (1 public IP address).
There's also a small web server running internally and the SA520 is doing port translation for this server on port 443 (https), which has a hostname. This hostname resolves to the public IP address, there's no DNS resolver running inside, clients behind the NAT use Google's free resolvers (22.214.171.124 and 126.96.36.199)
With the earlier RV042 connecting to this internal server was never a problem and worked automagically. I think the RV042 was doing "dns doctoring" and did a rewrite on DNS replies which contained the public ip address on the WAN port.
Does the SA520 support this kind of thing?