Split Tunneling is a VPN feature that allows users to direct a portion of their internet traffic through an encrypted virtual private network while leaving the rest to be routed through a separate tunnel on the open network. It’s an advanced feature with specific uses that we’ll cover in detail here.
Be sure to subscribe to the All Things Secured YouTube channel!
By default, a virtual private network (“VPN”) will route all internet traffic through the VPN server when you are connected. The purpose of a VPN, after all, is to secure your entire connection and prevent any DNS or unencrypted data from leaking.
But what if you need to…
- …access local network devices?
- …encrypt certain data without slowing down your entire internet connection?
This is where the VPN split tunneling feature becomes useful.
Below we’re going to answer a number of questions related to VPN split tunneling in hopes to give you a clear picture of what it is and how to use it.
Use the links above to jump down to a specific section, or continue scrolling to answer the most common questions about this VPN feature.
Note: Some of the links in this article are affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed here. I only recommend what I personally use and try to remain as unbiased as possible.
How Does Split Tunneling Work?
Split tunneling is a unique technology that gives you control over which data you encrypt through a VPN and which data remains open on the network.
Simply put, split tunneling gives you complete control over which data is sent over the internet through your VPN and which data is kept on the faster, unencrypted open web.
There are a few different ways in which this kind of technology is implemented.
- App-based: Some VPN software allows users to choose specific apps to connect through the VPN. Using this method, only those apps selected will be routed through the VPN, while all other internet traffic travels through the regular network.
- URL-based: Another popular method of implementing split tunneling is by specific website URLs. In this method, you specify exactly which URLs will require encryption through the VPN. This is usually done via a VPN browser extension.
- Inverse split tunneling: In the above two methods, the default for all internet traffic is unencrypted. With inverse split tunneling, the opposite is true. All traffic is sent through the VPN and you choose exactly which apps or URLs don’t go through the VPN.
While split tunneling isn’t difficult to set up, it does require users to manually set which apps and URLs to either include or exclude.
Each VPN software handles this differently, and I’ll share below which I recommend.
Why Would I Need Split Tunneling?
This is the million-dollar question.
And the truth is, not everybody needs split tunneling. This isn’t like the VPN kill switch feature, which is so useful that some software don’t even give you an option to turn it off.
Because a VPN encrypts internet traffic and routes it through a server in another location, it can sometimes create bottlenecks in bandwidth usage and slow down your internet.
Let’s look at a few instances where using split tunneling would be helpful.
Example 1: The Expat Living Overseas
VPNs tend to be extremely useful for those living overseas. Not only do they help protect against government spying, they also help bypass internet censorship (such as in China, Saudi Arabia, etc.).
However, the reality is that most expats use a VPN for streaming their favorite content.
If the primary goal is to stream geoblocked content, there’s no need to slow down the rest of your internet connection for other activities.
By split tunneling, you can set up your virtual private network to only route you through the VPN server when you’re using Netflix or trying to access a censored website.
All other traffic is unencrypted and (theoretically) slightly faster.
Example 2: Working on a Local Area Network
The ability to control your internet traffic can be useful when there are things you need to do on the local area network (LAN).
Say, for example, you need to use a wireless printer at home (that is, of course, connected to your secured home WiFi network!). Often, when you’re on a VPN, the encryption shields you from the local area network, meaning you can’t access LAN devices.
With split tunneling, you can only control only the traffic that needs to be connected to the VPN server while remaining linked to the local area network.
Example 3: Extra Security without Sacrificing Speed
Finally, there are some users who might want extra security when doing certain sensitive activities such as banking, email or activism.
In this case, split tunneling allows you the benefit of added security without sacrificing the speed on the rest of your internet connection.
When set up properly, there are some legitimate benefits to using a VPN with split tunneling, although as I mentioned earlier, it’s not a feature everybody will use.
Is Split Tunneling Secure for VPNs?
While there’s no doubt that split tunneling with a VPN adds extra security, as with any technology, I always caution against over-reliance on any single feature.
There’s a lot of debate around whether this feature weakens your overall encryption and offers a backdoor for bad players to exploit.
If you’re using split tunneling as a means to stream or unblock content while maintaining the highest available speeds for the rest of your internet activity, you have nothing to worry about.
However, if your primary use of a VPN centers on identity protection and data security, split tunneling may end up being a unnecessary liability for you in the end.
Best VPN with Split Tunneling in 2022
Since split tunneling is not a feature that is offered with most commercial services, it’s worth pointing out which services do it best.
Mind you, I’m only listing services that natively offer the split tunneling feature. You can manually configure this setting with most services (i.e. using a browser extension), but I’m not including that here.
Also Note: As far as I know, there are no iOS-based VPN apps that offer split tunneling right now. This is a system feature that hasn’t been opened up by Apple that you can get on Android.
Ok, with that out of the way, here’s a quick list of the best VPNs that natively offer this as a feature.
SurfShark – Best for Windows & Android
Split tunneling can be a clunky feature, but Surfshark does the best job I’ve seen making it easy to understand and even easier to implement.
The only downside is that, as of this publish date, Surfshark only offers it’s “Whitelister” feature for Windows and Android devices. I’ve been told that they’re working on adding the feature to Mac and iOS apps, but it hasn’t yet been rolled out.
As I’ve already noted in my comprehensive Surfshark VPN review, not only is the VPN bypass feature quickly accessible in the app, it’s also easy to implement either by app or by URL.
If you use Windows or Android and this is a feature you’re looking for, I highly recommend Surfshark. It’s an excellent service with unlimited simultaneous connections and very inexpensive plans.
ExpressVPN: Best for Mac Users
Overall, ExpressVPN is one of the top commercial services on the market and offers an amazing user experience no matter what platform you’re using.
If you’re looking for the split tunneling feature on a Mac, ExpressVPN allows you to do so on a per-app basis.
In the general settings, you’ll need to turn on the feature and then select which apps you want or don’t want to encrypt in your connection. You can see what that looks like here:
Of course, since “Netflix” or “Your Bank” isn’t an app on your computer like it is on your phone, this isn’t nearly as helpful for certain types of users.
Still, I can easily recommend ExpressVPN because of it’s best-in-class design and excellent track record. Use the links here to get 3 months of free service with any annual plan!
PureVPN: Best for Android TV
While PureVPN offers the split tunneling VPN feature on both their Android and Windows apps (sorry Apple users!), it’s their Android TV app that sets them apart here.
If you use Android TV, it is possible to install the PureVPN app, turn on split tunneling and select exactly which apps will be routed through the VPN and which will be open on the network.
I’ve covered details on these features and more in my comprehensive PureVPN review.
The setup screen looks like this:
This is a level of control that you don’t get with many other smart TV VPN apps and can be helpful if you’re wanting to stream certain content from a certain IP address while leaving all others on a faster, open connection.
If you’re an Android TV user, PureVPN is definitely the way to go here.
Essential VPN Features to Consider
As far as the most important VPN features go, split tunneling isn’t very high on the list. It’s useful in very specific cases, but it’s not absolutely necessary for everybody who uses a virtual private network.
For those who are iOS users, you’re going to be hard-pressed to find a way to use this feature. For you, either all your traffic goes through a VPN or it doesn’t.
However, for those using a Mac, Windows or Android device, chances are you’ll easily be able to find a split tunneling VPN that fits your need. As I shared above, I recommend Surfshark for Windows & Android, ExpressVPN for Mac users and PureVPN for Android TV users.
If you have any questions, please leave a comment below or make sure to browse our list of the best VPNs on the market.