Split tunneling is a VPN feature that divides your internet connection into two. It lets the user decide which internet traffic should be routed through the secure, encrypted VPN tunnel, and which should be connected directly to the internet. The concept is similar to whitelisting.
There’s all kinds of reasons a user may need to employ VPN split tunneling.
- Some websites and content may not be accessible through a VPN.
- You could have difficulty connecting to a local network device, like your printer.
- VPNs can take up a lot of bandwidth, so you could need faster speeds on a website that you don’t think requires VPN encryption.
- VPNs use split tunneling so you don’t have to turn off the VPN completely, potentially exposing your activity to nosey third parties.
If you’re in a hurry and need a great VPN that provides split tunneling, we recommend NordVPN.
There are plenty of reasons to try out a VPN. You can unlock all kinds of geo-specific content like American Netflix or watch pay-per-view boxing through free, international broadcasts. VPNs also allow you to browse the internet anonymously with your IP address completely cloaked and your data encrypted. You can even download a few torrents.
But you can run into issues when using a VPN. When you try to access certain websites through a VPN, the site can’t be reached. Sometimes certain apps don’t work properly. Or you can’t connect to your local printer. These are all issues that can be solved by split tunneling.
But how does VPN split tunneling work? Why would you use it? And do you need it? Let’s take a look.
How Does Split Tunneling Work?
Split tunneling is a software concept that essentially “splits” your internet connection into two. By doing this, your VPN provider creates two connections for you to use online: one connection that uses a secure VPN tunnel to encrypt all your data, and another that allows you to connect directly to the internet.
By default, VPNs route all your internet traffic through a secure, encrypted tunnel, hiding all your online data and activity from would-be watchers. Split tunneling is a feature that many of the best VPN providers offer. It lets you choose which sites, apps and networks you want to run through the VPN, and which ones you’d like to access directly. Think about it as keeping one foot in and one foot out of your VPN tunnel.
Let’s look at Wikipedia as an example. The online encyclopedia behemoth doesn’t allow editors to make changes to Wikipedia pages while using a VPN or proxy. So, if you wanted to make an edit, you’d have to add their site to your VPN split tunneling list. Another example is Ticketmaster. If you use a VPN and you’re looking to buy tickets to concerts or sporting events through their site, you might also need to use split tunneling features.
Do I Need Split Tunneling?
Whether or not you need split tunneling is entirely up to you. Though you probably won’t need to use it every moment of your day, split tunneling does have its purpose. Here are a few common situations that you could run into:
Accessing LAN devices
If your printer or other local devices aren’t connecting properly, it could be because of your VPN. A Local Area Network (LAN) is a network of computers and devices on the same floor or building. VPNs bypass these networks by default when they create a secure tunnel for anonymous browsing. NordVPN lets you turn off LAN invisibility in its settings to access these devices. ExpressVPN also has similar split tunneling options. If you install ExpressVPN’s VPN app on your router, you can use split tunneling settings to access LAN resources, like your printer, from all devices connected to your router.
Simultaneous access to local and foreign content
You could be losing access to certain websites while using a VPN’s foreign server (or vice versa) and need an alternate connection to reach it. The way split tunneling works, you’d be able to stream a German Netflix series while being able to access your local content at the same time. This would also work for Ticketmaster or other sites that aren’t working properly.
Need for increased bandwidth
It shouldn’t come as a surprise that all the encryption that VPNs do can take up a lot of bandwidth. You may need increased speed on certain sites because your VPN encryption is taking up too much bandwidth. Split tunneling works by freeing up some space to let you download safely while surfing at optimum speeds.
Different types of VPN split tunneling
There are several ways to use VPN split tunneling. Each major VPN provider has a slightly different variation of these concepts, but the idea is more or less the same. You’re either selecting which apps and websites to run through the VPN, or whitelisting apps and websites to bypass the VPN. We’ve listed them here:
Inverse split tunneling
If you’re using a VPN, we suggest this method. Your default setting is to run everything through your VPN. Inverse split tunneling is like whitelisting. You specify which apps and URLs you would like to connect directly to the internet. So if Ticketmaster isn’t working on your VPN, you can use split tunneling to access the URL. Or if a social media app isn’t functioning properly, you can use split tunneling to connect directly. You’d use the VPN for everything else. This lets you decide what to connect to directly as you go along.
Split tunneling for apps
This feature lets you choose the specific apps that you want to go through the VPN. If you don’t want to use your VPN for everything, you might use split tunneling for specific torrent downloaders, shopping, travel and banking apps, or anything else that might contain data concerning your privacy. Any other internet traffic goes through your regular network.
Split tunneling for individual URLs
This is similar to the above, but instead, you specify which URLs will be encrypted through the VPN tunnel. So if you’re on shopping, travel or banking websites, you can use the VPN. If you’re using a VPN browser extension, you can easily set URLs you want to run through your VPN from your browser. All other internet traffic would go through your regular network.
Is it Safe to Use VPN Split Tunneling?
Using split tunneling is safer than turning off the VPN entirely. Once you turn off your VPN, all your online behavior could potentially be seen by your internet service provider (ISP) and other parties, like hackers, trackers, and other online snoops.
When you use split tunneling, you’re only turning off the VPN for selected sites or apps. It’s running everywhere else on your browser and device. You should only use split tunneling on sites that you completely trust or have advanced security measures. To protect your privacy and security, make sure to use encrypted VPN connections when entering sensitive information or downloading online.
How Do I Use Split Tunneling?
Our top recommended VPN providers all have split tunneling features. The idea is the same, but they all have slightly different variations. If you want to enable split tunneling on your Android or Windows desktop or mobile device, just look in the settings on the desktop or mobile apps. It’s important to note that at this time iOS doesn’t support split tunneling, nor does macOS 11 (Big Sur).
ExpressVPN split tunneling
- Open ExpressVPN and click on the Options cogwheel.
- Under General, check the Manage connections on a per-app basis box under Split tunneling. Note that your VPN will have to be turned off while you configure your settings.
- You have two different options:
- Choose Do not allow selected apps to use the VPN for inverse split tunneling. Select the apps you’d like to connect directly to the internet. All others go through the VPN.
- Choose Only allow selected apps to use the VPN to select apps to route through the VPN. All other apps will connect directly to the internet.
NordVPN split tunneling
- Open NordVPN, and click on the Settings cogwheel.
- Click on Split Tunneling.
- Toggle the switch for Split Tunneling to On.
- You have two options:
- For inverse split tunneling, click Disable VPN for selected apps. Decide which apps you’d like to disable the VPN for on your device. All other internet traffic will run through the VPN.
- To select specific apps to run through the VPN, click Enable VPN for selected apps only. All other internet traffic will be routed through the direct connection.
- Open Surfshark and click on Features.
- Click on Whitelist.
- There are three options:
- To select specific apps to run through the VPN, click Route via VPN. All other internet traffic will be routed through the direct connection.
- For inverse split tunneling, click Bypass VPN. Decide which apps you’d like to disable the VPN for on your device. All other internet traffic will run through the VPN.
- If you want the same inverse split tunneling for URLs, click Bypass VPN under Websites/IP Addresses. Add websites and IP addresses you’d like to whitelist.
CyberGhost split tunneling
- Open CyberGhost and click the CyberGhost icon.
- Select Smart Rules.
- For inverse split tunneling, under the Smart Rules tabs, select Exceptions.
- Toggle the Exceptions switch On, and choose the URLs you don’t want to send through the VPN tunnel.
- Under the Smart Rules tabs, select App rules and choose which apps you want CyberGhost to automatically connect to the VPN server when you open them.
Create Your Own Split Tunnel
Want to get creative? Make your own split tunnel using two browsers. Think about it like this:
- You’re living in the United States, and want to watch a British TV show with a VPN.
- But your college’s basketball team has an important game that only local media is covering.
- You want to click over to check the basketball score while you’re watching the British show, but you can’t get into the local sites through your UK VPN connection.
So what do you do? Turn off your VPN app, but run NordVPN’s browser extension through Brave or Safari and watch your British show. Meanwhile, you’re using Mozilla Firefox to connect directly to the internet to follow the basketball game. Just remember that in this scenario, your ISP or other third parties could see what you’re up on Mozilla Firefox. On Brave or Safari, you’d be protected in a secure, encrypted tunnel.
VPN split tunneling is a useful tool in your journey to internet privacy and freedom. VPNs bring countless advantages to the table, but also create some new issues in the process. Local connection problems, bandwidth-hogging, and loss of access to certain types of content can all pop up when using a VPN server. Newer VPNs like Malwarebytes Privacy VPN also offer split tunneling, though the feature is named differently. VPN split tunneling sets out to solve those issues, and does so while also keeping your privacy and security as a priority.
Do you have any questions about VPN split tunneling? Click on our Frequently Asked Questions below to find the answer.
Split tunneling is a VPN feature that lets the user decide what internet traffic gets routed through the VPN’s encryption, and what traffic gets connected directly to the internet. If you run all your internet traffic through a VPN, it’s like whitelisting sites of your choice. For all the reasons you might use this feature, check out our full article.
There are many reasons to use split tunneling on your VPN. You could:
- Have trouble accessing your local printer through a VPN.
- Want to browse local and foreign content at the same time.
- Lose access to certain websites.
- Have certain apps not working properly.
- Need more bandwidth
Split tunneling can fix these issues.
Split tunneling is safer than disconnecting from the VPN altogether if you need to connect to a site that’s inaccessible through a VPN. Split tunneling allows you to cloak certain online activities while connecting directly to the internet for others. This way, you’re not exposing yourself entirely.