What Is VPN Split Tunneling? How to Use It
Split tunneling lets you choose which apps or traffic routes through the VPN and which connects directly to the internet. Your Netflix app can stream through a US VPN server while your banking app connects with your real IP. The result: VPN protection where you need it, full speed everywhere else.
How split tunneling works
By default, a VPN routes ALL your traffic through the encrypted tunnel. Split tunneling creates exceptions — specific apps or IP ranges bypass the tunnel and use your normal internet connection. Your device maintains two simultaneous routes: one through the VPN, one direct.
The two types of split tunneling
- Inclusive (route only selected apps through VPN): You pick which apps use the VPN. Everything else goes direct. Useful when you only need VPN for specific tasks.
- Exclusive (route all traffic through VPN except selected apps): Everything uses the VPN except the apps you exclude. Better security baseline with exceptions for local network access.
When split tunneling is useful
- Streaming + banking simultaneously: Stream Netflix US through VPN while banking app uses your real IP (many banks block VPN connections).
- Remote work: Route corporate apps through company VPN, personal traffic direct.
- Gaming + browsing: Connect gaming server directly (for lowest latency) while browsing through VPN.
- Local network access: Access your home printer or NAS while VPN is active — direct local traffic, VPN for internet.
- Download speed: Large downloads that don't need VPN protection bypass the tunnel for full speed.
VPNs with the best split tunneling
iOS does not allow true system-level split tunneling due to Apple's API restrictions. On iPhone, per-app VPN requires corporate MDM configuration.
- ExpressVPN: Split tunneling on Windows, Mac, Android, and router firmware. Clean interface.
- NordVPN: Split tunneling on Windows and Android. Not available on iOS (Apple restrictions).
- Private Internet Access: Both inclusive and exclusive split tunneling on all major platforms.
- Surfshark: Bypasser feature — good implementation on all platforms.
- ProtonVPN: Available on Windows and Android.
Frequently asked questions
Is split tunneling safe?
Split tunneling introduces a tradeoff — apps outside the tunnel have no VPN protection. If you route sensitive apps through the VPN and non-sensitive apps direct, it's safe. Avoid routing any app with sensitive data (banking, email) outside the tunnel.
Does split tunneling affect speed?
Split tunneling can actually improve speed for apps that don't need VPN protection — they bypass the encryption overhead and connect directly.
Why doesn't split tunneling work on iPhone?
Apple's iOS API doesn't allow VPN apps to implement true split tunneling at the OS level. Corporate MDM setups can use per-app VPN, but consumer VPN apps can't offer real split tunneling on iPhone. Android has no such restriction.