In your journey to find the right VPN for you, you may have come across the term “VPN passthrough.” It’s a feature built into your router that to many, causes a lot of confusion. Do you need to have it if you use a VPN? Do you need a special router? Or is it the same as a VPN router? All of your questions will be answered below.
A VPN passthrough is a feature that allows any devices connected to the router to establish outbound VPN connections. In other words, it does what it says on the tin – it allows VPN traffic to pass because old VPN protocols, such as PPTP and LT2P (an outdated IPsec version), don’t recognize and block it.
Even though it ‘sits’ on your router, it’s not the same as a VPN router. The former is a feature that allows traffic; it doesn’t do anything else on its own. Meanwhile, a VPN router, which can be either a hardware device with a preset VPN on it or a home router with a VPN client you set up yourself, encrypts your traffic and protects all devices connected to your network.
To understand why you may or may not need a VPN passthrough, it’s essential to know how it works. And it all starts with something called the Network Address Translation (NAT) – a tool that comes standard with many routers, and that can hinder your VPN connection.
NAT is great – it sits between your network and the wider net, filtering the traffic, making sure that you only receive the information you asked for, therefore protecting you from viruses and hackers. It also solves a huge problem we all have using IPv4 – lack of IPs. NAT knows private IP addresses of all the devices connected to your router, which it needs to send you the requested information.
But to do its job properly, the NAT needs certain information about the connections leaving and entering your router. The problem arises when outdated VPN protocols try to get through. The way they encrypt your connection doesn’t give the NAT enough information to do its job, forcing it to block those connections.
This is where a VPN passthrough (also called a PPTP passthrough or IPsec passthrough, depending on the protocol your VPN uses) comes into play.
Most home routers on the current market already have a built-in VPN passthrough. But don’t worry if yours doesn’t.
Your router only needs it if you want to use a VPN that supports IPsec or PPTP protocols. However, these security protocols are outdated and unreliable. Modern VPNs use faster and more secure protocols, such as OpenVPN and IKEv2/IPsec. In fact, NordVPN no longer supports PPTP and L2TP.
OpenVPN and IKEv2/IPsec don’t just offer better and quicker encryption; they also tunnel through the NAT on their own, so your router doesn’t need a passthrough at all. All you need for a secure connection is just to connect to a VPN!
Here's a short video, summarizing what a VPN passthrough is and why you don't need it with NordVPN:
Try NordVPN now with a 30-day money-back guarantee!