Number of VPN Passthrough Connections Limited by Network Configuration

The VPN passthrough feature on a router does not create one of the endpoints needed to create a VPN tunnel. The feature merely lets a tunnel created by others to "pass through" the router. See What is VPN? for background information on VPN. The number of VPN passthrough connections is limited by:

• The maximum number of VPN passthroughs the NETGEAR router can handle, and
• Whether the VPN connection is for more than one VPN gateway, and
• Whether the VPN gateway supports NAT traversal detection.

The maximum number of VPN passthrough connections that NETGEAR routers have is described here.

This illustration shows two VPN passthrough connections through a NETGEAR router (one red and one blue).

The next example differs because, although there is only one VPN gateway, all three computers behind the NETGEAR router are showing the same public IP address to the Internet. That is, the router is using NAT to convert all the private IP addresses to one public IP address. Therefore the VPN gateway on the outside cannot tell the difference between the computers — all the traffic from them appears to the VPN gateway to be from the same computer.

The above configuration will work, however, if the VPN Gateway supports NAT traversal detection. The newer NETGEAR routers FVS124G, FVS338, and FVX538 do this. (The VPN client, which is the initiator of the tunnel, does not need NAT traversal detection.)

N101581.asp Nov 29, 2005