You might have heard about the term VPN passthrough while on the lookout for a VPN. It’s a feature that’s built into your router, though it can get pretty confusing to just think about how it works.
We’re here to simplify things for you. Read on to learn everything you need to know about VPN pass throughs.
What is a VPN Passthrough?
A lot of VPN service providers offer a bunch of great features, and one of them is the VPN passthrough. This is a feature on VPN routers that enables you to set up an outbound VPN connection between a device on your internal network (behind a firewall) and a device on the outside network (e.g. the Internet).
Multiple computers on a local network can share a single public IP address thanks to a router feature called Network Address Translation (NAT). Your NAT type also determines how open and accessible your local network is.
However, outdated VPN protocols such as PPTP, IPSec, and L2TP are not compatible with NAT. Your router might drop packets or completely shut down the connection if you’re using PPTP or IPsec VPN on an outbound connection.
To put it simply, a VPN passthrough, as the name suggests, basically allows your VPN traffic to pass through your router and bypass the NAT process.
How Does a VPN Passthrough Work?
A VPN connection would typically travel from your device through your router to the internet before connecting to a VPN server. What’s also great is most VPNs don’t log any of your online data and activity so they also protect your online traffic.
However, a connection is impossible when a VPN protocol doesn’t give the router, or to be more precise, the router’s NAT, anything to work with. This is when a VPN passthrough comes in.
A VPN passthrough isn’t just a single thing and is a number of workarounds that enable older tunneling protocols to function with your router. These “older protocols” are the PPTP, IPSec, and L2TP.
For instance, a PPTP passthrough replaces GRE (a tunneling protocol used by PPTP) for an improved version of the GRE. Because of this, when we refer to a VPN passthrough, we actually mean an all-encompassing term that includes PPTP, IPSec, and L2TP passthroughs.
Do You Need a VPN Passthrough?
The short answer is you probably won’t need one. We’ll explain why.
The majority of routers on the market already have a VPN passthrough built in. You only need to use one when you want to use a VPN that supports PPTP or IPsec protocols. Faster and more secure protocols like OpenVPN and IKEv2/IPsec are already used by the best VPN services. For instance, NordVPN decided to stop supporting L2TP and PPTP protocols.
Additionally, OpenVPN and IKEv2/IPsec protocols don’t just offer faster and better encryption. Since they also tunnel through the NAT on their own, your router doesn’t need a VPN passthrough. You just have to connect to a VPN for a secure connection!
Is a VPN Passthrough and a VPN Router the same?
The quick answer is no, they’re not the same thing!
A Virtual Private Network (VPN) router is simply a WiFi router with VPN software installed on it. It encrypts all of the traffic that travels over your WiFi network, enabling you to simultaneously protect all of your devices. You can buy these types of routers or you can install them on some router models with custom firmware such as FreshTomato or OpenWrt.
These VPN routers not only provide support for modern VPN protocols such as Wireguard and OpenVPN, but it also provides advanced functionalities such as network communications with a VPN environment.
Also, the VPN tunnel is created between the VPN server and the VPN router, which serves as the VPN connection’s endpoint. Because of this, the router basically serves as the VPN client. This is helpful when IoT devices, smart TVs, or gaming consoles need to connect to a VPN but don’t support native applications.
With all that said, it’s a lot different from a VPN passthrough. A VPN router basically hosts the VPN client on the router itself while a VPN passthrough allows VPN traffic to (quite literally) pass through your router.
Different Types of Passthroughs and How They Work
Now that you understand how VPN passthrough works, you’d find that there are three different types:
1. PPTP Passthrough
Through the use of a secure connection on an existing network, PPTP is a tunneling technique that allows two network devices to communicate with one another. Your VPN router can support Point-to-Point Tunneling Protocol connections thanks to the PPTP passthrough.
2. IPsec Passthrough
To establish secure IP connections over gateways, IPsec passthrough employs a method called Network Address Translation-Traversal (NAT-T). When a device lacks a public IP address, NAT-T makes sure that traffic is sent to the designated location. User Datagram Protocol (UDP) is used by NAT-T to encapsulate IPsec packets to facilitate message exchanges between computers connected to a network.
Additionally, you can connect devices to a VPN connection using IPsec passthrough if they don’t already support IPsec. Devices that support IPsec passthrough routing already have this protocol built-in, so hosting companies for IPsec passthrough servers enable this protocol on a VPN server.
3. L2TP Passthrough
Similar to PPTP passthrough, Layer Two Tunneling Protocol (L2TP) passthrough adds a tunnel to any device that you want to connect to your VPN network. Compared to its predecessors, it’s a more secure protocol. Once an L2TP passthrough has been set up, it acts almost the same way as the PPTP passthrough since all the data that’s sent across your connection will be encrypted.
A VPN Passthrough Is a Great Feature
A VPN passthrough is a great feature especially if you’re using an older VPN protocol that’s not supported by the router you’re using.
But most of the time, you probably won’t need one. A lot of routers already have them built in so using one won’t make any difference.
However, if you’re using an old VPN protocol and an ancient router, knowing what it is and what it does can help you connect to the internet.