How do I disable VPN passthrough? What are the pros and cons to disabling it?

How do I disable VPN passthrough? What are the benefits and drawbacks to disabling this function?

    Requires Free Membership to View

VPN passthrough is typically used on small office home office (SOHO) network gateway devices. This means that the gateway itself is not the termination point of the VPN, but rather a passive device allowing the VPN packets to pass through the firewall. Depending on the type of VPN, different protocols and ports are required to enable the VPN traffic. In the case of IPsec, the required ports are typically user datagram protocol (UDP) Port 500 for Internet key exchange (IKE) and Port 4500 for network address translation (NAT) traversal. On most systems, this feature can be enabled or disabled within the device’s configuration menu.

The benefit of disabling VPN passthrough is enhanced security by blocking open communication ports through the firewall that otherwise would be open and accessible. The drawback is that a user behind the gateway would not be able to establish a VPN connection, since the required VPN ports are blocked at the firewall. In particular, if an end user relies on a VPN connection for their home office, those ports should not be blocked.

Email your VPN-related questions to

This was first published in April 2012

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: