Q

How do I disable VPN passthrough? What are the pros and cons to disabling it?

In this Ask the Expert response, Rainer Enders explains how to disable VPN passthrough and what the benefits and drawbacks are.

How do I disable VPN passthrough? What are the benefits and drawbacks to disabling this function?

VPN passthrough is typically used on small office home office (SOHO) network gateway devices. This means that the gateway itself is not the termination point of the VPN, but rather a passive device allowing the VPN packets to pass through the firewall. Depending on the type of VPN, different protocols and ports are required to enable the VPN traffic. In the case of IPsec, the required ports are typically user datagram protocol (UDP)...

Port 500 for Internet key exchange (IKE) and Port 4500 for network address translation (NAT) traversal. On most systems, this feature can be enabled or disabled within the device’s configuration menu.

The benefit of disabling VPN passthrough is enhanced security by blocking open communication ports through the firewall that otherwise would be open and accessible. The drawback is that a user behind the gateway would not be able to establish a VPN connection, since the required VPN ports are blocked at the firewall. In particular, if an end user relies on a VPN connection for their home office, those ports should not be blocked.

Email your VPN-related questions to editor@searchenterprisewan.com

This was first published in April 2012

Dig deeper on VPN setup and configuration

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchNetworking

SearchUnifiedCommunications

SearchTelecom

SearchSDN

Close