VPN Passthrough vs IPsec Passthrough: Understanding the Difference

VPN Passthrough vs IPsec Passthrough: Understanding the Difference
VPN Passthrough vs IPsec Passthrough: Understanding the Difference

In the domain of computer networking, you will come across the term “VPN Passthrough," a feature that is built into a router, and the terminology can be quite confusing. In this article, we will try to cover what VPN passthrough is, how it works, and why it is even required.

What is a VPN Passthrough?

VPN passthrough is a feature available on the router that allows any device connected to the router to establish an outbound VPN connection. For example, if you want to connect to a VPN server using a VPN client in your device, the router VPN passthrough feature on the router enables that VPN traffic.  VPN Passthrough feature is mainly required for routers with older protocols such as IPsec and PPTP.

Most of the modern routers have a feature called Network Address Translation (NAT) which allows several devices on a LAN to share a public IP address. Older protocols such as IPsec, PPTP are not compatible with NAT. Older routers with these protocols will allow the VPN traffic to establish, it may drop the packet and block the connection.  

How does VPN Passthrough work?
For VPN connection to establish, VPN traffic originates from the VPN client on a device that goes through the router to the VPN server. Modern routers with NAT can’t comprehend older protocols which can result in dropping or blocking VPN connections. VPN passthrough feature bypass NAT and auto forward the VPN traffic using additional ports.

Some of the disadvantage with enabling VPN passthrough includes:

  • It weakens the security of local network as it is based on outdated protocols which is less secured
  • It can be complex to setup with previous technical experience
  • It required port forwarding to be enabled on the router

What is IPsec Passthrough?
IPsec is a secure network protocol suite that helps to set up encrypted connections between devices. It is used to secure VPN connections by encrypting IP packets along with authenticating the source where the data is originating from. Modern routers with NAT protocol doesn’t support IPsec. IPsec VPN passthrough feature allows to establish secure IP connection over gateway and make it work with NAT protocol.

How to Enable IPsec Passthrough?
Some of the disadvantages of IPsec passthrough includes-

  • It is not very secure. Any vulnerabilities that exist at the IP layer could be passed to the corporate network through the IPsec tunnel.
  • Without proper IPsec Passthrough configuration, traffic can be blocked by firewall.
    Most modern routers come with VPN passthrough and IPsec passthrough features. VPNs are not secure as it provides excessive trust to its users. Zero Trust solutions such as VPN Alternatives eliminates the risk of excessive trust by providing granular access controls to users by enabling access to applications on a need to know basis. You can also visit our official website to learn more about InstaSafe’s Zero Trust solutions.