Top10VPN is editorially independent. Buying a VPN through our links supports our work.
What Is VPN Split Tunneling?
Simon Migliano
Simon Migliano is a recognized world expert in VPNs. He's tested hundreds of apps and his research has been featured on the BBC, The New York Times, and more. Read full bio
VPN split tunneling is an advanced feature that allows you to selectively route some internet traffic through a VPN server, while the remaining traffic accesses the internet directly. This lets you dictate which applications and services must use the encrypted VPN tunnel, and which ones must use your standard internet connection.
VPN split tunneling is an advanced feature of virtual private network software, designed to help you better manage and control your VPN traffic.
All our top VPN recommendations offer this feature on Windows and Android, but only some VPNs offer it on macOS, Linux, and Smart TVs. Even fewer VPNs include split tunneling on iOS, due to Apple’s restrictions.
This guide will explain how split tunneling works, its benefits, and how to use it safely. We’ll also reveal which VPNs offer the best split tunneling feature.
Why Trust Us?
We’re fully independent and have been reviewing VPNs since 2016. Our advice is based on our own testing results and is unaffected by financial incentives. Learn who we are and how we test VPNs.
What Is Split Tunneling?
When you connect to a VPN normally, all of your internet traffic is routed through the VPN server. When you turn on split tunneling, you specify which apps and websites are included in or excluded from your VPN connection.
For example, you might want to watch another country’s Netflix library, but you also want Google Maps to show your real location. You can turn on VPN split tunneling, so Netflix is included in your VPN connection and Google Maps is excluded.
Another way to look at it is that VPN split tunneling lets you specify which apps and services must use the public IP address assigned by your internet service provider.
This prevents some of your web traffic from being slowed down unnecessarily, and can prevent some programs from malfunctioning.
It can also be useful if you want to conserve battery power or decrease data usage. Alternatively, you might torrent often or simply use apps that don’t work well with VPN connections, like banking apps.
Different Types of VPN Split Tunneling
Bear in mind that VPNs name their split tunneling features differently. You might come across per-app split tunneling, whitelisting, or bypassing VPN features depending on your chosen VPN.
PIA has one of the most advanced split tunneling features.
There are three different ways that a VPN service can split your web traffic:
Per App Split Tunneling: Choose applications you want to run through a VPN connection or bypass a VPN connection. You can configure per-app split tunneling in VPN settings.
Per Site Split Tunneling: Choose domains or websites you want to access through a VPN connection or bypass a VPN connection. This is less common and typically found in VPN browser extensions.
IP Address Split Tunneling: Specify which IP addresses you want to bypass a VPN connection.
With split tunneling enabled, you can choose an app or website to either:
Use a VPN: Access your chosen apps or websites through the VPN connection — often called inverse split tunneling.
Bypass a VPN: Access everything apart from your chosen apps or websites through a VPN.
Is Split Tunneling Available on All Devices?
No, iOS has strict rules about which apps can separate internet traffic, making it difficult for VPNs to implement split tunneling.
Most VPN apps, including NordVPN, don’t offer a split tunneling feature on iOS because of these restrictions. However, some VPNs offer a split tunneling feature on routers, which can split tunnel all the devices connected to the router — including an iPhone.
NordVPN doesn’t offer split tunneling on iOS.
Is VPN Split Tunneling Completely Safe?
Split tunneling technology itself is completely safe, but you should use it with care. When you route traffic outside the encrypted VPN tunnel, your IP address and traffic are exposed.
The greatest risk of split tunneling at home is user error. If you disable the VPN for selected apps, you won’t have the protection you need. For this reason, we don’t recommend using it if you’re handling highly sensitive information, or you’re using a VPN to bypass government censorship.
Likewise, if you’re using split tunneling to route your traffic outside a corporate network, you’re potentially bypassing certain firewalls and safeguards that the company has put in place.
The company servers might inspect traffic to block dangerous web addresses and stop sensitive information from being leaked. If you connect to the web directly, you bypass this protection and put your device at greater risk of malware.
If an employee’s computer is compromised, it could become an entry point into the corporate network, at which point an attacker might be able to access company resources.
If you do choose to take advantage of VPN split tunneling, configure your client carefully.
What Is VPN Split Tunneling Used For?
If you’re concerned about securing your sensitive data or protecting your browsing from ISP surveillance, we recommend using a VPN for all forms of device traffic. However, split tunneling can be useful when:
You want to spoof your IP address for one activity (e.g. torrenting or gaming) without slowing down other non-sensitive online activities.
You use apps or services that don’t work well (or at all) through a VPN, such as Wikipedia editing, online banking, and Spotify streaming.
You need to access content from two regions, such as geo-restricted video content from abroad and home country search engine results.
Check out the video below to see 10 practical use cases for split tunneling:
In the following section, we’ll detail the main benefits of using a VPN’s split tunneling feature:
1. You Can Keep Your VPN Switched On
If you keep your VPN switched on permanently for full protection, you might find yourself turning it off from time to time when you need to use one of these apps or services. It’s a nuisance, and you risk leaking data if you forget to switch the VPN back on.
Split tunneling stops you from having to do that by enabling you to specify which apps go through the VPN tunnel.
2. Speed Up Your Connection
Using a VPN is slower than connecting directly to the web. The extra hop to the VPN server takes some time, and the encryption that the VPN performs also causes a delay.
Among the fastest VPNs, you’ll typically see a connection slowdown of between 1% and 10% when connecting from the US (New York) to the UK (London), or an equivalent distance.
By using split tunneling, you can speed up the performance of apps and websites that don’t need to be routed through the VPN.
3. Save on Cellular Data
If you have a cellular plan with a fixed data cap, you’ll also reach your limit faster with a VPN. In fact, you’ll consume between 4% and 20% more data with a VPN compared to browsing the web without one.
Using split tunneling, you can choose which applications go through the VPN tunnel, so you can avoid using more cellular data than you need to.
4. Maximize VPN Data Limits
While most premium VPNs offer unlimited data usage, free VPNs often apply a monthly limit to the amount of data you can route through their network.
Some free VPNs with data limits, such as Windscribe and Hide.me, support split tunneling, which means you can stretch your VPN data allowance as far as possible.
5. Secure Your Torrenting Activity
You can use split tunneling to route your torrenting traffic through a VPN server, while leaving the rest of your traffic unaffected. This lets you stream and browse without interruption, and continue to access devices on your local network.
6. Protect Your Gaming Traffic
The use of VPN services is becoming more common in the online gaming community. Many gamers are concerned about exposing their real location, while others are looking to avoid distributed denial of service (DDoS) attacks on their network.
Using a VPN service hides your IP address, so you can’t be identified or targeted. Online gaming is also data-intensive, so split tunneling lets you protect your gaming traffic while routing everything else directly.
7. Access Local Network Resources
You may have heard that directing your device traffic through a VPN can cause difficulties when connecting to devices on the local area network (LAN), such as a wireless printer. Some websites recommend using split tunneling as a solution to this problem.
We’ve tested this issue with a few popular VPN services, including ExpressVPN, Proton VPN, and PrivateVPN, and we recorded mixed results:
Proton VPN and PrivateVPN both worked to print wirelessly without activating split tunneling.
ExpressVPN worked to print without split tunneling when the setting labeled “allow access to devices on the local network” was enabled. However, printing didn’t work when this option was disabled. On mobile, it worked by default, with no special settings needed.
These results suggest that VPNs can have an impact on your ability to access LAN resources, but it’s not as much of an issue as some websites make out. If you’re using a top-tier VPN, it’s likely the VPN will provide an option to access LAN devices, or it might do so by default.
If you’re using a VPN that doesn’t work with devices on your local network, split tunneling is a viable solution.
8. Bypass VPN Blocks on Websites
Some apps and services simply won’t work with your VPN switched on. They might require your home IP address for authentication, or they might block traffic from known VPN servers altogether.
Spotify, Ticketmaster, and Steam block all forms of known VPN traffic. Wikipedia blocks VPN users from editing pages, and online banking systems may require you to carry out additional authentication measures if you use a VPN.
Your bank may also flag your activity as suspicious and temporarily freeze your account if you attempt to log in with a VPN IP address.
Split tunneling lets you continue to access these websites and services with your normal internet connection, while routing everything else through your VPN.
9. Access Local Streaming Services
It’s common to use a VPN to bypass geographic content restrictions on streaming services like Netflix. However, it’s possible you’ll still need to access local search results or content that is restricted to your home region.
Split tunneling allows you to choose which applications use your home IP address and which use the IP address of a VPN server.
10. Remote Working
While not strictly related to commercial VPNs, split tunneling is useful if you use a VPN to connect remotely to your workplace.
You can use the feature to only tunnel traffic related to your work, while the rest of your online activity is kept hidden from your employer.
How to Set Up Split Tunneling
PIA VPN's split tunneling setting worked smoothly in our latest tests.
Here’s how to turn on split tunneling using a VPN:
Subscribe to a VPN with split tunneling. We recommend PIA or ExpressVPN.
Install the app or browser extension and log in to your account.
Configure your split tunneling feature. Go to Settings > Split Tunneling and add apps or URLs you want to include or exclude from your VPN connection.
Connect to a VPN server. Once connected, you can use the internet and the VPN will automatically split tunnel your traffic based on your instructions.
Why Is VPN Split Tunneling Not Working?
If your split tunneling feature isn’t working correctly, there’s usually an issue with the VPN service or your device.
Here’s a list of troubleshooting tips:
Change VPN Protocol: We recommend using WireGuard for split tunneling because it’s modern, secure, and uses less data. We’ve seen OpenVPN can struggle with split tunneling on forum sites.
Delete and Reinstall Your VPN App: If you’ve encountered a software bug, we suggest deleting and reinstalling the latest version of your VPN app.
Check Your Device for Software Updates: We recommend regularly checking for software updates on your device to fix any security issues.
Enable the System Extension on Your macOS: Your Mac may block the system extension required for split tunneling. Go to your System Settings and manually enable the extension to fix the issue.
Contact Customer Support: The best VPNs have 24/7 live chat support that can help you configure split tunneling and answer urgent questions.
VPN Split Tunneling FAQs
Is Split Tunneling Supported on iOS?
In general, iOS doesn’t support split tunneling on consumer VPN services due to Apple’s own restrictions. Apple’s implementation of split tunneling, known as ‘per-app VPN’, is only available for apps managed via a mobile device management (MDM) solution. This solution is typically used by companies to control employee devices and isn’t practical for regular users.
Is Split Tunneling Supported on macOS?
Yes, but support is limited and varies by provider. Apple removed the APIs that VPNs depended on for split tunneling when it released macOS Big Sur (version 11) in late 2020, which is why the feature disappeared from most Mac apps for several years.
Providers have since rebuilt it, but availability is still patchy. PIA offers the most robust support (macOS 11+), while Surfshark and ExpressVPN also support it on newer macOS versions.
Limitations:
Safari: Most VPNs cannot exclude Safari from the VPN tunnel due to macOS system restrictions.
Exception: PIA is currently the only major provider that can exclude Safari, but only by enabling a special “WebKit” rule that also excludes Apple Mail and Maps.
Workaround: For all other VPNs, we recommend using Firefox or Chrome for any browsing you want to bypass the VPN.
Download source matters: Split tunneling is often blocked in Mac App Store versions. You must download the .dmg installation file directly from the provider’s website. This is strictly required for ExpressVPN and recommended for all others.
