what is split tunneling in vpn

What Is Split Tunneling In VPN 2021? (With Examples)

Reading Time: 6 minutes

Last Updated on July 29, 2021 by Admin

Split tunneling in VPN services is a feature that is beneficial as you see later. Every premium VPN must be able to support split tunneling, but what is it?

Definition of split tunneling

Split tunneling is a feature in a VPN that divides (or splits) internet traffic from your apps or devices and routes some of the traffic through an encrypted VPN tunnel, while the rest of the traffic passes through an open tunnel without encryption.

This means you have traffic that is not encrypted and uses your actual IP address, while the rest of the traffic is encrypted.

There are reasons why you may want to route traffic outside a VPN tunnel, something that I cover below, so keep reading.

Why do I need split tunneling?

As you know, a VPN encrypts your traffic and changes your IP address. This causes speed to drop as data passes through the tunnel and you may not be able to access services that require your actual IP address e.g. your printer.

In that case split tunneling allows you to access local devices and maintain high speeds while keeping specific apps or devices secure.

Any data that you want to keep private can still pass through the VPN tunnel while other sites are visited directly without encryption.

  • Pro-tip: If you want a VPN with split tunneling, make sure you choose the best VPN so that the speed-drop is within acceptable range. Try NordVPN.

In addition, by splitting your internet traffic, you save on bandwidth as only some of the traffic is encrypted..

How split tunneling works

When you use a VPN, your device is connected to a secure VPN server and this server accesses the open internet.

Traffic is encrypted between your device and the VPN server, creating a VPN tunnel.

When you use split tunneling, the VPN creates another connection that doesn’t pass through the tunnel.

split tunneling in vpn

You have to select which apps or URLs are routed through the VPN tunnel.

Any apps that you want to keep private and secure pass through the VPN tunnel, while other apps use the open internet directly.

Types of split tunneling

Split tunneling has variations that you need to know about. This makes it easier to quickly determine which traffic passes inside or outside the tunnel.

1. Inverse split tunneling

In this set up, all traffic is routed through the VPN tunnel by default and you have to select specific apps that should access the open internet directly.

2. Dynamic split tunneling

This type of split tunneling uses hostname rules or policies to derive IP addresses that should be routed inside or outside the VPN tunnel.

3. IPv6 dual stack networking

This is a situation you have to watch out for. Make sure your VPN supports both IPv4 and IPv6 addresses because if not, your IPv6 data may leave your device unencrypted when the VPN is active.

Make sure you use a premium VPN that supports both versions. I have gone through a list of good VPNs in the next section below.

Pros and cons of split tunneling

Is split tunneling good or bad? Let’s look at both sides so that you have a clear picture of whether to activate it or not.

Benefits of split tunneling

  • You don’t have to continuously connect and disconnect a VPN as you switch between a VPN tunnel and direct connection.
  • VPN bandwidth is saved because traffic that doesn’t need to be encrypted passes outside the VPN tunnel. This increases the speed of the network, giving you a better internet experience.
  • With split tunneling, you can still access your Local Area Network services and route some of the traffic in the VPN tunnel.
  • You can enjoy local streaming services that require your actual IP addresses and also access foreign services.

Disadvantages and risks of split tunneling

  • You bypass security measures that come with routing your traffic through a VPN tunnel. Traffic outside the VPN tunnel is not encrypted and this exposes your device to hackers. Once your device is hacked, this compromises the whole network, including any remote sites you access.
  • The government, ISP and hackers can see the sites you visit outside the VPN tunnel, thus compromising privacy.
  • You may face challenges setting up the right permissions for split tunneling. If you don’t set it up correctly, you leave the door open for hackers and interested parties.
  • Got no time? The overall best VPN that supports split tunneling is NordVPN
logotype horizontal
  • Overall BEST VPN
  • Save 68% for a 2-year plan
  • Unblocks Netflix
  • Adblock & antimalware

How do you use split tunneling?

Split tunneling is enabled in the Settings of your VPN app and you select how you want to manage URLs or apps.

Here you choose which apps or URLs pass through the VPN or those you want to route outside the VPN tunnel.

To stop split tunneling, you go back to the Settings and disable it and the options may vary in different VPNs.

How do you check split tunneling?

You can easily check whether split tunneling is active by trying to unblock a site that is normally restricted in your country e.g. Netflix or by checking your IP address.

If your IP address has changed and you are able to unblock a site that is normally geo-blocked, it means you have successfully masked your IP address.

Remember, in normal split tunneling you have to select which apps or URLs pass through the tunnel while the rest of the traffic is not encrypted.

Make sure you have set up split tunneling correctly so that you don’t share sensitive data outside the VPN tunnel.

Split tunnel vs full tunnel

When you use a full tunnel, it means all your traffic passes through the VPN, be it from apps or browsers.

While it is the most secure set up, if you use a low quality VPN, connection speeds may drop significantly and you experience a poor user experience.

In split tunneling, as described earlier, part of the internet traffic passes through the VPN tunnel and the rest outside the tunnel.

It is more secure to use a full tunnel and a premium VPN so that VPN speeds are not affected significantly.

VPNs that support split tunneling

There are top VPN services that support split tunneling and you can start using any of them today.

They all come with a money-back guarantee so that you can test all the features of a VPN before getting a full plan.

1. NordVPN – Has all the essential security features (Editor’s Choice)

Our Rating 4.8

NordVPN is the overall best VPN service out there with more than 5100 optimized servers in over 59 countries.

It perfectly balances functionality and price, giving it a huge edge over other VPN services.

There are numerous security features integrated in the VPN that include antimalware, adblock, NordLynx and more.

Up to 6 devices are supported simultaneously on one account and all major operating systems are supported.

NordVPN customer support is excellent with 24/7 live chat available to take care of any issues.

You can easily unblock streaming sites like Netflix, torrent and game online with this VPN.

The best plan is a 2-year plan where you get 68% off if you use the link below.

Support for split tunneling is available for your computer and mobile device.

Get 68% off a 2-year plan and 30-day money-back guarantee:

2. ExpressVPN – Fast servers

Our Rating 4.7

This is a top VPN with super-fast servers that are ideal for streaming and other online activities that require high bandwidth.

If price is not an issue (ExpressVPN plans are relatively costly), this is easily the best VPN you can use.

You get strong encryption and excellent customer support with live chat to address any issues.

ExpressVPN supports split-tunneling so that you can use your actual IP address while other traffic passes through the VPN tunnel.

There are over 3000 servers in over 160 locations around the world in 94 countries.

Get 35% off a 1-year plan and 30-day money-back guarantee:

3. Private Internet Access VPN – Wide coverage and secure

Our Rating 4.1

This is another heavy-weight with extensive server coverage, with more than 35 000 servers in 78+ locations. 

Split tunneling is available and you are able to access sites that require your actual IP address e.g your bank.

The VPN service comes with no DNS leaks, a reliable kill switch, zero logging of your data and more.

PIA has both WireGuard and OpenVPN, both which are very secure.

All major operating systems are supported and that includes Windows, MacOS, Android, iOS and Linux.

Up to 10 devices are supported simultaneously on one account.

Get 73% off a 2-year plan and 30-day money-back guarantee:

4. Surfshark VPN – Low-cost VPN

Our Rating 4.6

This VPN is very popular thanks to its affordable plans and frequent big promotions. Surfshark is definitely amongst the best VPNs.

Surfshark VPN has over 3200 servers in over 65 countries, thus the network is reliable.

There is support for all major operating systems and that makes it a good choice for a small family.

You also get split tunneling, making your internet browsing fast and efficient if you need to use your actual IP address.

One thing to note about Surfshark VPN is that you can connect an unlimited number of devices simultaneously on one account.

Unblocking streaming sites is seamless and the servers are also optimized for torrenting.

Get 83% off a 2-year plan and 30-day money-back guarantee:

5. IPVanish VPN – Extensive servers in the USA

Our Rating 4.5

This VPN service is based in the USA and also offers all standard features that you should look for in a VPN.

There is no free trial when you start using IPVanish, but there is a 30-day money-back guarantee.

Just like in other top VPNs, you get servers all over the globe but they are more concentrated in the USA, which has 915+ of the 1500 servers available.

This gives it a good network reliability plus a wide selection of IP addresses to use.

Split tunneling is available in the Android and FireOS apps, allowing to route traffic from selected apps outside the VPN tunnel.

Get extra 500 GB of storage and 30-day money-back guarantee:

6. CyberGhost VPN – User friendly and excellent connectivity

Our Rating 4.7

When it comes to hiding completely on the net, CyberGhost is definitely one of the top VPNs to consider. 

This VPN service has implemented anonymous dedicated servers such that not even the CyberGhost team keeps track of IP addresses assigned to users.

In other words, they continue to push the boundaries of security and anonymity.

There is a 45-day money-back guarantee if you sign up for the 3-year plan.

Split tunneling is obviously part of the package you get, amongst security features like AES 256 bit encryption.

However, as highlighted above, keep in mind that traffic outside the VPN tunnel is exposed to hackers and other interested parties.

Get 83% off a 3-year plan and 45-day money-back guarantee:


Slit tunneling is a feature that is essential in a VPN as you can work efficiently online without turning the VPN on and off.

Don’t forget to deactivate split tunneling when you need to be completely secure online. 

Keep in mind that traffic outside the VPN tunnel is vulnerable to cyber-attacks.

Leave comments below, subscribe to our VPNAnchor newsletter and share the article with your friends.

Tech writer and VPN expert. DIY enthusiast and loves anything to do with space science.

Leave a Reply

Your email address will not be published. Required fields are marked *