Pass-through VPN

Posted on 2011-10-22
Last Modified: 2012-05-12
Hi Guys,

I haven't had a change to test this in the lab thought I throw it at here.

If you set your adsl router as "pass-through" vpn, then installed the RRAS role in W2K8 server, configured it as VPN with PPTP security protocol, what happen if you connect your VPN client over the public network, which are following  occur:

The initial connection is not secure as the VPN client (this could be a notebook) attempts to connect to the router, then the router passes through the traffic to the VPN server then encrypt the traffic once the connection is established between the vpn client and the VPN server
Or, The initial connection is encrypted as soon as it connects to the VPN server via the router router
Question by:mcse2007
    LVL 67

    Accepted Solution

    The router is not part of the equation (in regard of encryption), as it just forwards packets to RRAS and back. It only transfers the traffic, and does not know of the content.

    Initial connection is "secure" as far as PPTP can be called secure. That is, only MS CHAPv2 should be used, and the password should be complex - with MS CHAPv2 the password is used for getting an encryption key, so it shouldn't be chosen too short and simple.
    LVL 13

    Assisted Solution

    by:Greg Hejl
    the 'VPN Passthrough' feature in a firewall is to allow port traffic unimpeded through the router, since both client and server originates in both directions.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
    I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
    This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
    To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now