What is VPN Split Tunneling and How does it Work?

Justin Oyaro

By Justin Oyaro . 15 January 2022

Cybersecurity Expert

Miklos Zoltan

Fact-Checked this

What is VPN split tunneling?

VPNs encrypt your entire connection and internet traffic over the web. However, at times you may need to access your local network while protecting your connection at the same time. In this case, what you need is VPN split tunneling. It helps you have fine control of your VPN and internet connection.

In this guide we will discuss about:

  • What is VPN split tunneling?
  • Types of VPN split tunneling.
  • Benefits of VPN split tunneling.
  • Risks of VPN split tunneling.
  • VPNs that support split tunneling.

Read on to know more about VPN split tunneling!

Related guide: Why you should use a RAM-only VPN
Related guide: How to use a stealth VPN
Related guide: Differences between a VPN and a Proxy

Split Tunneling

What is VPN Split Tunneling?

VPN split tunneling is a feature that allows you to choose what traffic the VPN will protect and what traffic will go directly to the internet via your ISP. This traffic can be from various apps and services on your device.

VPN split tunneling is also intended to maintain a secure connection while also giving you access to your local network. Some VPN providers may offer a default option in which you can access your local network.

Types of VPN Split Tunneling

Various VPN providers have different implementations of split tunneling. Below are the common types.

  • Split Tunneling/App exclusion: the VPN will protect your whole connection except for the connection from excluded apps/services. You have the option to choose what apps/services to exclude.
  • Inverse Split Tunneling: the VPN will only protect connections from selected apps/services. Any other connections will go to the internet directly.
  • Specifying URLs: the VPN will protect you on all websites except the ones you select to exclude. The ones you exclude will have access to your IP address. Browser-based VPN extensions offer this type of split tunneling.
  • IP-based tunneling: this form of split tunneling allows administrators to choose where information packets will be redirected on a network via policy-based routing. This type is not offered in commercial VPNs.

Benefits of VPN Split Tunneling

VPN split tunneling comes in handy when you want to access services that are not VPN friendly, when you want to protect and exclude some connections, and when you don’t want to lose access to your local network or your countries services.

Depending on how you use VPN split tunneling, you can:

  • Exclude apps and websites that block VPN traffic.
  • Access remote work connections.
  • Access your local network devices such as printers.
  • Unblock geo-restricted content while accessing your regional content.
  • Download and torrent safely while using your bandwidth for other activities.

Additional VPN use-cases:

Security Risks of VPN Split Tunneling

The significant risk of VPN split tunneling privacy and security – losing VPN protection on the apps/services you exclude. Excluded traffic can be susceptible to eavesdropping, and prying eyes, such as your ISP might be able to know your online activities.

As a rule of thumb, ensure all your sensitive activities/information are protected by the VPN. Only exclude apps/services in which privacy and security are not the top priority.

Best Split Tunneling VPN

All of the best VPNs offer split tunneling as a base feature. Here is how our top VPNs implement it.

ExpressVPN split tunneling

ExpressVPN offers split tunneling per-app basis on Android, Mac, and Windows. You can select all apps to use the VPN, do not allow selected apps to use the VPN, and only allow selected apps to use the VPN. On routers, you can choose split tunneling options such as Router VPN, No VPN, and the MediaStreamer.

Related: Finding a VPN for Android

Surfshark split tunneling

Surfshark offers VPN split tunneling via a feature called the Whitelister. You get split tunneling for apps and websites. For apps and websites (URL-based), you get the option of choosing which app or URL gets to bypass the VPN connection. Surfshark only offers VPN split tunneling on its Android and Windows apps.

Other reputable VPNs that offer VPN split tunneling include CyberGhost VPN, NordVPN, PureVPN, PIA VPN, and even IPVanish.

Wrap Up

VPN split tunneling is a great feature that helps you how to manage and use your VPN connection. On the upside, you get to control which apps/services/devices get to use the VPN connections and which ones will not. On the downside, you risk your security and privacy.


Should I use split tunneling?

Split tunneling is necessary if you want to access your local network devices, services that don’t allow VPN connections, and also for unblocking geo-restricted content while maintaining access to your regional content.

Why is split tunneling bad?

This is because of the privacy and security risk. Traffic that is not protected by the VPN will be vulnerable to prying eyes, hackers, and even your ISP will know what you are doing. Do not exclude sensitive traffic from the VPN tunnel.

Does split tunneling save data?

Not really; however, you will save on your connection speeds. The traffic that the VPN doesn’t protect won’t suffer from the VPN encryption overhead. You will get full speeds offered by your ISP. Additionally, you might experience low latency if you are accessing regional content.

How do you enable split tunneling?

VPN split tunneling is a feature offered by most VPN providers. Launch your VPN app and disconnect it; go to Settings or connections and select VPN split tunneling. Toggle the options; what you want to allow/deny or add apps and URLs. After all is done, connect to a VPN server.

How do I allow VPN split tunneling on iOS?

Currently, Apple doesn’t allow users to choose or exclude apps that will use the VPN connection. This is why most VPN providers don’t offer the feature on their iOS VPN apps. However, this might change soon with recent developments in Apple.

Leave a Comment