VPN passthrough--What's it do?


  • Firewalla

    What are the VPN pass-through boxes you are talking about? Is it your own VPN server running inside the network? If it is, is it WireGuard or OpenVPN? I don't understand pihole and ports controlling access ... pihole is just a simple DNS server; not sure how it is part of the VPN network.

  • GKarasik

    I have a VPN appliance behind the Firewalla. Sorry for the typo (my fingers need glasses); I meant "pinhole." To reach my VPN appliance through the Firewalla, I must do all the steps above, including specifically allowing PPTP, L2TP, and IPSEC in "NAT Passthrough," which is what Firewalla calls it. (I've seen it called "VPN Passthrough" on other routers: Even in bridge mode, they want you to allow these specific passthroughs.) I'm just trying to understand what exactly these "passthroughs" are doing that port forwarding and custom rules aren't doing.

  • Firewalla

    NAT can interfere with VPN traffic. For example, NAT might not know how to handle GRE or ESP packets because they lack port numbers. So to make sure NAT works, there has to be specific processing.

    If you run newer protocols like OpenVPN and WireGuard, there is no need to do that.

  • GKarasik

    Thanks. I'll try that out.

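Added example, not part of the thread: a toy port-translating NAT in Python that illustrates the point in Firewalla's reply above. UDP flows each get a unique public port, while ESP and GRE packets carry no port to key on, so replies to two LAN hosts talking to the same peer cannot be told apart. The `PortNat` model, addresses, ports and SPI value are all constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

PROTO = {6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP"}  # IANA IP protocol numbers

def ipv4(src, dst, proto, payload):
    """Build a minimal IPv4 packet (20-byte header, checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr + payload

def flow_key(pkt):
    """Return (proto, src_ip, dst_ip, src_port); src_port is None without ports."""
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    src, dst = str(IPv4Address(pkt[12:16])), str(IPv4Address(pkt[16:20]))
    sport = None
    if proto in (6, 17):  # only TCP and UDP begin with source/destination ports
        sport = struct.unpack("!H", pkt[ihl:ihl + 2])[0]
    return PROTO.get(proto, str(proto)), src, dst, sport

class PortNat:
    """Toy port-translating NAT (a simplified model, not Firewalla's code)."""
    def __init__(self):
        self.next_port, self.table = 40000, {}

    def outbound(self, pkt):
        """Record the mapping and return the key a reply will be matched on."""
        proto, src, dst, sport = flow_key(pkt)
        if sport is None:
            outside = (proto, dst, None)   # nothing but protocol + peer to key on
        else:
            outside = (proto, dst, self.next_port)  # unique public port per flow
            self.next_port += 1
        self.table.setdefault(outside, []).append(src)
        return outside

    def inbound_hosts(self, outside):
        """Inside hosts that a reply carrying this key could belong to."""
        return self.table.get(outside, [])

def demo():
    """Two constructed LAN hosts send UDP and ESP to one constructed peer."""
    nat, peer, keys = PortNat(), "198.51.100.7", {}
    udp = struct.pack("!HHHH", 51820, 51820, 8, 0)  # sport, dport, length, checksum
    esp = struct.pack("!II", 0x1001, 1)             # SPI, sequence number
    for host in ("192.168.1.10", "192.168.1.20"):
        keys["UDP", host] = nat.outbound(ipv4(host, peer, 17, udp))
        keys["ESP", host] = nat.outbound(ipv4(host, peer, 50, esp))
    return nat, keys
```

Calling `demo()` and then `nat.inbound_hosts(...)` on each returned key shows one candidate host for every UDP key and two for the shared ESP key.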
