We review VPNs independently, but we may earn commissions if you buy a VPN via our links.
VPN split tunneling is an advanced feature that allows you to selectively route some internet traffic through a VPN server, while the remaining traffic accesses the internet directly. This lets you dictate which applications and services must use the encrypted VPN tunnel, and which ones must use your standard internet connection.
VPN split tunneling is an advanced feature of virtual private network software, designed to help you better manage and control your VPN traffic.
All our top VPN recommendations offer this feature on Windows and Android, but only some VPNs offer it on macOS, Linux, and Smart TVs. Sadly, split tunneling simply isn’t available on iOS due to Apple’s strict restrictions.
This guide will explain how split tunneling works, its benefits, and how to use it safely. We’ll also reveal which VPNs offer the best split tunneling feature.
We’re fully independent and have been reviewing VPNs since 2016. Our advice is based on our own testing results and is unaffected by financial incentives. Learn who we are and how we test VPNs.
VPN split tunneling is an advanced feature offered by some VPN services. It allows you to use two different network connections simultaneously, so you can dictate which applications and services use the encrypted VPN tunnel, and which ones use your standard internet connection.
When you connect a VPN normally, all of your internet traffic is routed through the VPN server. When you turn on split tunneling, you specify which apps and websites are included and excluded from your VPN connection.
For example, you might want to watch another country’s Netflix library, but you also want Google Maps to show your real location. You can turn on VPN split tunneling, so Netflix is included in your VPN connection and Google Maps is excluded.
Another way to look at it is that VPN split tunneling lets you specify which apps and services must use the public IP address assigned by your internet service provider.
This prevents some of your web traffic being slowed down unnecessarily, and sometimes prevents programs from not working properly.
It can also be useful if you want to conserve battery power or decrease data usage. Alternatively, you might torrent often or simply use apps that don’t work well with VPN connections, like banking apps.
Bear in mind that VPNs name their split tunneling features differently. You might come across per-app split tunneling, whitelisting, or bypassing VPN features depending on your chosen VPN.
PIA offers the most comprehensive split tunneling features – available on Windows, macOS, browser extensions, and more.
There are three different ways that a VPN service can split your web traffic:
With split tunneling enabled, you can choose an app or website to either:
No, iOS has strict rules about which apps can separate internet traffic, making it difficult for VPNs to implement split tunneling.
Most VPN apps, including ExpressVPN and NordVPN don’t offer a split tunneling feature on iOS due to these restrictions or privacy reasons. However, some VPNs offer a split tunneling feature on routers, which can split tunnel all the devices connected to the router — including an iPhone.
NordVPN does not offer split tunneling on iOS.
Split tunneling technology itself is completely safe, but you should use it with care. When you route traffic outside the encrypted VPN tunnel, your IP address and the nature of that traffic are exposed.
The greatest risk of split tunneling at home is user error. If you disable the VPN for selected apps, you won’t have the protection you need. For this reason, we don’t recommend using it if you’re handling highly sensitive information, or you’re using a VPN to bypass government censorship.
Likewise, if you’re using split tunneling to route your traffic outside a corporate network, you’re potentially bypassing certain firewalls and safeguards that company has put in place.
The company servers might inspect traffic to block dangerous web addresses and stop sensitive information being leaked. If you connect to the web directly, you bypass this protection and put your device at greater risk of malware.
If an employee’s computer is compromised, it could be a potential entry point into the corporate network, at which point an attacker might be able to access company resources.
If you do choose to take advantage of VPN split tunneling, configure your client carefully.
If you’re concerned about securing your sensitive data or protecting your browsing from ISP surveillance, we recommend using a VPN for all forms of device traffic. However, split tunneling can be useful when:
Check out the video below to see 10 practical use cases where we use split tunneling:
In the following section, we’ll detail the main benefits of using a VPN’s split tunneling feature:
Some applications and services simply won’t work with your VPN switched on. They might require your home IP address for authentication, or they might block traffic from known VPN servers altogether.
Spotify, Ticketmaster, and Steam block all forms of known VPN traffic. Wikipedia blocks VPN users from editing pages, and online banking systems may require you to carry out additional authentication measures if you use a VPN.
If you keep your VPN switched on permanently for full protection, you might find yourself turning it off from time to time when you need to use one of these apps or services. It’s a nuisance, and it risks you leaking data if you forget the VPN is off.
Split tunneling stops you from having to do that by enabling you to specify which apps go through the VPN tunnel.
Using a VPN is slower than connecting directly to the web. The extra hop to the VPN server takes some time, and the encryption that the VPN performs also causes a delay.
Among the fastest VPNs, you’ll typically see a connection slowdown of between 1% and 10% when connecting from the US (New York) to the UK (London), or an equivalent distance.
By using split tunneling, you can speed up the performance of apps and websites that do not need to be routed through the VPN.
While most premium VPNs offer unlimited data usage, free VPNs often apply a monthly limit to the amount of data you can route through their network.
Some free VPNs with data limits such as Windscribe Free and Hide.me support split tunneling, which means you can stretch your VPN data allowance as far as possible.
If you have a cellular plan with a fixed data cap, you’ll also reach your limit faster with a VPN. In fact, you’ll consume between 4% and 20% more data with a VPN compared to browsing the web without one.
Using split tunneling, you can choose which applications go through the VPN tunnel, so you can avoid using more cellular data than you need to.
The use of VPN services is becoming more common in the online gaming community. Many gamers are concerned about exposing their real location, while others are looking to avoid distributed denial of service (DDoS) attacks on their network.
Using a VPN service hides your IP address, so you can’t be identified or targeted. However, gaming is incredibly data-intensive. In this case, split tunneling allows you to protect your gaming activity while routing the rest of your traffic elsewhere.
You may have heard that directing your device traffic through a VPN can cause difficulties when connecting to devices on the local area network (LAN), such as a wireless printer. Some websites recommend using split tunneling as a solution to this problem.
We’ve tested this issue with a few popular VPN services including ExpressVPN, Proton VPN, and PrivateVPN, and we recorded mixed results:
These results suggest that VPNs can have an impact on your ability to access LAN resources, but it’s not as much of an issue as some websites make out. If you’re using a top-tier VPN, it’s likely the VPN will provide an option to access LAN devices, or it might do so by default.
If you’re using a VPN that doesn’t work with devices on your local network, split tunneling is a viable solution.
It’s common to use a VPN to bypass geographic content restrictions on streaming services like Netflix. However, it’s possible you’ll still need to access local search results or content that is restricted to your home region.
Split tunneling allows you to choose which applications use your home IP address and which use the IP address of a VPN server.
Split tunneling features are not all built equally, some may be vulnerable to leaks or fail to route your traffic effectively.
That’s why we’ve taken the time to test 61 VPNs personally and recommend the safest and most advanced VPN split tunneling features.
Here’s a table comparing the split tunneling features, logging policy, speeds, and more with our VPN recommendations:
PIA is our top choice for VPN split tunneling because it offers the most flexible and secure split tunneling feature we’ve tested, with per-app, per-website, and IP address split tunneling available.
It offers this feature on more devices than any other VPN (including macOS and browser extensions).
PIA is also one of the most private VPNs on the market, with strong AES-256 and ChaCha20 encryption, a verified no-logs policy, functioning kill switch, P2P-friendly servers, ad blocker, and built-in leak protection.
The VPN has servers in 91, delivering fast speeds and keeping latency low no matter where you’re based. It also works with popular streaming platforms like Netflix, Max, Prime Video, and more. For the best results, we recommend using its Streaming Optimized servers.
As an added bonus, PIA is a budget-friendly option. The two-year plan costs $2.03 per month, offering superb value for money, or $11.99 per month on a rolling monthly contract.
There are a couple downsides: beginners might find its flexible split tunneling feature confusing, but there’s 24/7 live chat support if you need help and comprehensive guides. There’s also no native split tunneling on iOS – though that’s the case for all VPNs due to Apple’s restrictions.
ExpressVPN is our runner-up recommendation for VPN split tunneling. The VPN’s unique selling point is its custom router app, allowing you to split tunnel traffic on all the devices in your household – including your phones, computer, and smart TVs or consoles.
With ExpressVPN’s router app, you can create separate Device Groups, connecting each group of devices to a different VPN location or bypassing the VPN entirely.
There’s a native split tunneling feature available on Android, Windows and Amazon Firestick, but you won’t be able to use it on iOS, browser extensions, or macOS 11 and above.
Using ExpressVPN’s Firestick app, you can split tunnel apps like Netflix or Prime Video through a specific VPN server.
ExpressVPN is an excellent all-round option. It unblocks 95% of streaming platforms we’ve tested it with, has extremely high security standards, with AES-256 or ChaCha20 encryption, and diskless servers, and it provides very fast download speeds.
It also has the best VPN server network, covering 106 countries, so you can get an IP address from almost every location in the world. There’s super-quick and well-informed customer support via 24/7 live chat if you have any issues with its split tunneling feature.
However, ExpressVPN is more expensive than some of its competitors, such as PIA (our top recommendation for split tunneling). But if you need a router split tunneling compatibility, ExpressVPN is the best solution.
PIA VPN's split tunneling setting worked smoothly in our latest tests.
Here’s how to turn on split tunneling using a VPN:
If your split tunneling feature isn’t working correctly, there’s usually an issue with the VPN service or your device.
Here’s a list of troubleshooting tips:
No, iOS does not support split tunneling on consumer VPN services due to Apple’s own regulations. Apple implementation of split tunneling, known as ‘per app VPN.’ is only available for apps managed via a mobile device management (MDM) solution. This solution is typically used by companies to control employee devices and is not practical for regular users.
