You may have encountered VPN Passthrough a number of times while researching about how VPN works and what are the top VPN services in the market to date. And you may have gotten overwhelmed by an onslaught of heavily technical terms in the process.
This article aims to discuss, using less IT jargon, what a VPN Passthrough is; how it works; the difference between a VPN Passthrough and a VPN Router; and whether you actually need a VPN Passthrough or not as well as how to enable it.
A VPN Passthrough is a component that authorizes devices connected to the router to establish outbound VPN connections, thus enabling VPN data packets to go through the router.
How VPN Passthrough Works
Let’s say you have a VPN client installed on your device and you want to connect it to a VPN server. This is the VPN connection mentioned earlier that needs to be established in order for you to access and enjoy the VPN services offered by your VPN client. This is the VPN traffic that needs to be allowed to pass through your router.
Note routers are not all built in the same way. Not all of them have the same built-in features, and some of these features are needed to make certain processes work. Not all routers are built with features that support the kind of technology needed to accept a VPN connection. Another way to say it is that some routers have built-in features that block and prevent your VPN client from establishing that outbound VPN connection.
To understand this dynamic between built-in features and required technology, I have to mention the Network Address Translation (NAT), a feature that is often included in most routers. NAT is what helps filter the traffic passing between your network and wider network of the internet. By filtering traffic, it helps protect you from possible threats to your security like malware.
The problem occurs when NAT encounters incompatibility issues with outdated VPN Protocols that try to get through. These outdated VPN Protocols — IPsec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), or PPTP (Point-to-Point Tunneling Protocol) — don’t give enough information in order to NAT to ascertain whether these are secure connections or security threats. This uncertainty due to lack of sufficient information forces NAT to prioritize your protection and block the VPN Protocols instead.
The workaround for this issue is the VPN Passthrough, which is also called a PPTP passthrough or IPsec passthrough, depending on the VPN protocol that you are using. As its name suggests, the VPN Passthrough allows VPN connections — in this case, the VPN Protocols — to “pass through” the router and connect to the VPN server.
The Difference Between a VPN Passthrough and a VPN Router
Along with VPN Passthrough, you may have also encountered the term “VPN router”. They may seem like they are the same thing since both seem to have something to do with VPN and a router. However, let me reiterate that a VPN Passthrough is a feature that allows VPN traffic to pass through a router.
A VPN router, on the other hand, is a router with VPN functionalities installed in it. In other words, a VPN client has already been configured to run on this router.
Is a VPN Passthrough Necessary?
So far, it has been established that a VPN Passthrough is an important component to the process that allows VPN clients installed on your devices to work. It seems obvious that you need to get a VPN Passthrough, right?
Well, the thing is, most modern routers already have a built-in VPN Passthrough. What is more, you actually only need this if your VPN client makes use of outdated VPN Protocols, which include IPsec, L2TP, or PPTP. If you are on a free VPN, there’s a chance that this still makes use of these older VPN Protocols.
Newer and more reliable protocols such as OpenVPN and IKEv2/IPsec (Internet Key Exchange version two) are more widely used now. These upgraded protocols can pass through NAT without a VPN Passthrough, making the latter more of a redundant feature. You just need to activate and connect to your VPN.
You might also need a VPN Passthrough if your computer is running on a really old operating system (OS). However, do note that OpenVPN and IKEv2 are already supported on operating systems as old as Windows XP. So, if you’re using anything older than that then, yes, you need a VPN Passthrough.
How to Enable a VPN Passthrough
If you find that you do need a VPN Passthrough, you need not worry too much since, again, most modern routers already have a VPN Passthrough that is pre-installed on it. And if you’re using any of the latest VPN Protocols, you won’t even need to think about getting or enabling a VPN Passthrough.
As mentioned before, if you’re using the LT2P/IPsec or PPTP VPN Protocols, you need a VPN Passthrough. And usually, this is activated by default on most routers. However, there are times when you may need to activate your VPN Passthrough on your router manually.
Here are the steps to manually enable your VPN Passthrough:
- Check your router’s manual for its exact IP address.
- Open a web browser.
- In the URL bar, type in your router administration program’s IP address.
- Type in the administrator ID and password.
- On the Security tab, activate PPTP Passthrough.
- Check your router’s manual for the step-by-step guide on how to set port forwarding. This is because different manufacturers have different sets of instructions for this procedure.
- Set up your VPN and try connecting it.
If you were successful in activating your VPN Passthrough, the system will prompt you to put in the username and password for your VPN. And if you’re successful with this last step as well, you should be able to browse through the internet while enjoying the services that your VPN client offers.
With the emergence of newer and more reliable VPN hardware and software, the need for a VPN Passthrough is rapidly decreasing. If you are using legacy technology like outdated VPN protocols and devices running on ancient operating systems, then you will still need a VPN Passthrough. This will prevent you from encountering issues when you are trying to use your VPN. However, these legacy technology features are nearing total phaseout.
It is also good to note that VPN services that make use of outdated VPN Protocols are free VPN services. And because they are free, they hardly provide sufficient protection for you when you go online, which in essence kind of offsets the purpose of using a VPN in the first place. You should try looking into paid VPN clients that offer premium services. With the level of security and privacy that they offer, this will be a worthwhile investment in the long run.
Bottomline: if you are making use of premium VPN clients that run on newer VPN protocols and your devices are running on the latest operating systems, then you need not worry about getting a VPN Passthrough. In turn, you also get to enjoy much better VPN services.