- Think Like A Computer - https://www.think-like-a-computer.com -

VPN Passthrough and How It Works

VPN Passthrough is a feature of routers which allows computers on a private network to establish outbound VPNs unhindered. VPN passthrough has nothing to do with inbound VPNs, only outbound ones. The term comes from allowing the VPN traffic to “passthrough” the router. NO ports need opening to enable VPN passthrough, it will automatically work.

There are different types of VPNs but the most dominant ones are PPTP VPNs and IPsec VPNs. When a router states it supports VPN passthrough it actually means it supports both these types of VPNs. To be exact VPN passthrough is just the combination of PPTP passthrough and IPsec passthrough. This is important as you will see next because PPTP passthrough is handled differently to IPsec Passthrough.

Why Is VPN Passthrough Is Needed

Almost all routers implement a feature called NAT to allow several computers to share the same internet connection; this is how your home router works. Both PPTP and IPsec VPNs don’t work with NAT natively. Since most routers implement NAT this is a problem.

PPTP passthrough deals with this by replacing GRE (the part of PPTP that doesn’t work with NAT) with enhanced GRE which does work with NAT.

IPsec passthrough implements NAT-T to encapsulate the IPsec packets in a UDP packet which works with NAT.

Routers That Support VPN Passthrough

The Netgear WGR614 Wireless Router is your bog standard home router which supports up to 3 concurrent VPN connections; this ideal for home or even small business use. The Netgear FWAG114 ProSafe is bit more upmarket and comes with a heavier price tag; this also supports end-to-end VPNs otherwise known as Site to site VPNs. You can check out other Netgear products that support concurrent VPN from Netgears official page.