# Configure TCP passthrough

Sometimes end-to-end encryption is necessary, and client traffic must be kept encrypted until it reaches the backend server.

For this purpose, Link11 supports TCP passthroug&#x68;**.** When this is configured, neither the Link11 load balancer nor L11WAAP will terminate or decrypt the TCP connection. The specified traffic will be passed through to the backend as-is.

{% hint style="warning" %}
**Caution**: If TCP passthrough is enabled, we recommend using it with the narrowest possible scope. This traffic is not decrypted, and therefore, cannot be inspected by Link11.&#x20;

Passed-through requests are not filtered for hostile content, rate limit violations, ACL enforcement, etc. They also are not logged by Link11.
{% endhint %}

To enable TCP passthrough, [contact support](/support.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://waap.docs.link11.com/using-the-product/how-do-i.../configure-tcp-passthrough.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.