Connect with us

Hi, what are you looking for?


Troubleshoot VPN passthrough for home routers | Answer

Troubleshoot VPN passthrough for home routers

A VPN is a way to connect two secure networks over the Internet – for example a home network and a corporate network. It needs special equipment or software at both ends.

The term “VPN transit” on routers means that the device does not support one of the endpoints, but only allows traffic from those endpoints to “pass”. All NETGEAR routers support VPN passthrough for IPSec, PPTP, and L2TP. To create one of these endpoints, see What is a VPN (Virtual Private Networks)?

This article applies if you are already connected to a VPN, but installing a NETGEAR router has stopped your VPN from working.

NETGEAR routers with VPN pass are meant to work without modification, but sometimes troubleshooting is necessary to locate the problem. If your router supports 0 VPN terminators, you need other hardware or software besides the router.

The current home routers that support VPN passthrough are the DGN1000 and D6300.

Note: These do not contain a VPN wizard, and policies cannot be created on them.

The DGN2200v3, DGND3700v2, D6200, and DGND4000 all support the VPN processor. Details are in the user manual. For an example, see link.

Discover  Do I need a VPN on my phone in the US?


Any of these steps might solve the problem:

  1. If your device supports NAT-T (NAT Traversal), turn it on.
  2. Contact your network administrator to understand the details of how you need to configure your VPN software. (The popular software is Cisco NAT-T and NETGEAR ProSAFE).
  3. If your company uses an L2TP pass-through, register your router’s MAC address with your company’s system administrator.
  4. Upgrade to the latest router firmware.
  5. Enable port forwarding for VPN port 500, (for IPSec VPN), port 1723 for PPTP VPN, and port 1701 for L2tp-L2tp routing and remote access. Port 500 may be listed under the Services list. You can visit this link for more information on port forwarding: How do I configure port forwarding on routers using the NETGEAR genie interface?
    Note: Check if the WAN IP is public or private. Ports can only be opened on public IP addresses.
  6. By default, the router’s firewall is configured to drop (delete) ICMP packets sent from outside your network to the WAN port. Your VPN may require ICMP packets. to accept them:
    1. Log in to the router with a browser by typing,, or
    2. Type Admin for username and The password for the password (unless you changed the password from the default).
    3. Choose WAN setting > advanced > Reply to Ping on the Internet Port.
    4. click Progressing.
Discover  How to Install NordVPN on Firestick - Different Methods

More information:

Business Routers & VPN-supported UTM

Configure PPTP VPN Tunnel for ProSafe / ProSecure Routers

Configure L2TP VPN Tunnel for ProSafe / ProSecure Routers

Last update: 11/28/2016 | Article ID: 966

Don’t forget to share this post with friends !

Click to comment

Leave a Reply

Your email address will not be published.



AnyConnect certificate-based authentication. Cisco community 👨‍💻 The information in this document is based on the following software and hardware versions: ASA 5510 running software...


AnyConnect: Install a self-signed certificate as a trusted source 👨‍💻 kmgmt-2879-cbs-220-config-security-port objective The goal of this article is to walk you through creating and...


ITProPortal . Portal 👨‍💻 We live in a dynamic moment in terms of technology. Even criminals are becoming more technically savvy and are using...


Avira Free Antivirus Review for Mac / Windows and Android are the most common targets for malware programmers, but that doesn’t mean macOS is...