What is VPN Split Tunneling and How does it Work?

Justin Oyaro

By Justin Oyaro . 24 June 2024

Cybersecurity Expert

Miklos Zoltan

Fact-Checked this

VPNs encrypt your entire connection and internet traffic over the web. However, sometimes you may need to access your local network while simultaneously protecting your connection.

In this case, what you need is VPN split tunneling. It helps you have fine control of your VPN and internet connection.

In this guide we will discuss about:

  • What is VPN split tunneling?
  • Types of VPN split tunneling.
  • Benefits of VPN split tunneling.
  • Risks of VPN split tunneling.
  • VPNs that support split tunneling.

Read on to know more about VPN split tunneling!

Summary: This guide explores the concept of VPN split tunneling, a feature that enables selective routing of your internet traffic. It allows you to decide which part of your traffic is encrypted and routed through the VPN and which part accesses the internet directly.

Split tunneling comes in various forms, such as app-based exclusion and inverse split tunneling. This functionality offers several advantages, including simultaneous access to your local network while keeping other connections secure.

Continue reading to gain a deeper understanding of VPN split tunneling, along with its potential benefits and risks.

Split Tunneling

What is VPN Split Tunneling?

VPN split tunneling is a feature that allows you to choose what traffic the VPN will protect and what traffic will go directly to the internet via your ISP. This traffic can be from various apps and services on your device.

VPN split tunneling is also intended to maintain a secure connection while giving you access to your local network. Some VPN providers may offer a default option in which you can access your local network.

Types of VPN Split Tunneling

Various VPN providers have different implementations of split tunneling. Below are the common types.

  • Split Tunneling/App exclusion: the VPN will protect your whole connection except for the connection from excluded apps/services. You have the option to choose what apps/services to exclude.
  • Inverse Split Tunneling: the VPN will only protect connections from selected apps/services. Any other connections will go to the internet directly.
  • Specifying URLs: the VPN will protect you on all websites except the ones you select to exclude. The ones you exclude will have access to your IP address. Browser-based VPN extensions offer this type of split tunneling.
  • IP-based tunneling: this form of split tunneling allows administrators to choose where information packets will be redirected on a network via policy-based routing. This type is not offered in commercial VPNs.

Benefits of VPN Split Tunneling

VPN split tunneling comes in handy when you want to access services that are not VPN friendly, when you want to protect and exclude some connections, and when you don’t want to lose access to your local network or your country’s services.

Depending on how you use VPN split tunneling, you can:

  • Exclude apps and websites that block VPN traffic.
  • Access remote work connections.
  • Access your local network devices such as printers.
  • Unblock geo-restricted content while accessing your regional content.
  • Download and torrent safely while using your bandwidth for other activities.

Security Risks of VPN Split Tunneling

The significant risk of VPN split tunneling privacy and security – losing VPN protection on the apps/services you exclude.

Excluded traffic can be susceptible to eavesdropping, and prying eyes, such as your ISP, might be able to know your online activities.

As a rule, ensure the VPN protects all your sensitive activities/information. Only exclude apps/services where privacy and security are not top priorities.

Best Split Tunneling VPN

All of the best VPNs offer split tunneling as a base feature. Here is how our top VPNs implement it.

ExpressVPN split tunneling

ExpressVPN offers split tunneling per-app basis on Android, Mac, and Windows. You can select all VPN apps, do not allow selected apps to use the VPN, and only allow selected apps to use the VPN.

You can choose split-tunneling options on routers such as Router VPN, No VPN, and the MediaStreamer.

Surfshark split tunneling

Surfshark offers VPN split tunneling via a feature called the Whitelister. You get split tunneling for apps and websites.

For apps and websites (URL-based), you can choose which app or URL to bypass the VPN connection. Surfshark only offers VPN split tunneling on its Android and Windows apps.

Other reputable VPNs that offer VPN split tunneling include CyberGhost VPN, NordVPN, PureVPN, PIA VPN, and even IPVanish.

Wrap Up

VPN split tunneling is a great feature that helps you manage and use your VPN connection.

On the upside, you can control which apps/services/devices get to use the VPN connections and which will not. On the downside, you risk your security and privacy.

Frequently Asked Questions

Some people found answers to these questions helpful

Should I use split tunneling?

Split tunneling is necessary if you want to access your local network devices, services that don’t allow VPN connections, and for unblocking geo-restricted content while maintaining access to your restricted content.


Why is split tunneling bad?

Do not exclude sensitive traffic from the VPN tunnel. This is because of the privacy and security risk. Traffic not protected by the VPN will be vulnerable to prying eyes, hackers, and even your ISP will know what you are doing.


Does split tunneling save data?

Not really; however, you will save on your connection speeds. The VPN traffic won’t suffer from the VPN encryption overhead. You will get full speeds offered by your ISP. Additionally, you might experience low latency if you are accessing regional content.


How do you enable split tunneling?

VPN split tunneling is a feature offered by most VPN providers. Launch your VPN app and disconnect it; go to Settings or connections and select VPN split tunneling. Toggle the options; what you want to allow/deny or add apps and URLs. After all, is done, connect to a VPN server.


How do I allow VPN split tunneling on iOS?

Currently, Apple doesn’t allow users to choose or exclude apps that will use the VPN connection. This is why most VPN providers don’t offer the feature on their iOS VPN apps. However, this might change soon with recent developments in Apple.


Leave a Comment