What is VPN Split Tunnelling and do YOU need it?

Split Tunnelling

You may have heard about ‘Split Tunnelling‘ as a term used when discussing the benefits and features of VPNs.

It is not a VPN-defining feature, but it is something that many VPN services have, and if you were wondering what it is and whether you really need it, allow me to explain and tell you why you too might need it.

There are some very critical reasons for using Split Tunnelling, but I’ll cover more on that later.

What is Split Tunnelling?

Split Tunnelling is one of the VPN features that many different VPNs offer as part of their app.

When you use a VPN, you connect to a VPN-owned server and send 100% of your traffic to that server by default.

This means no matter what you do on the internet, it’s all funnelled to the VPN server first.

However, if you use Split Tunnelling, you can choose to send a particular portion of your traffic via your regular internet connection. Just the same as if you weren’t using a VPN at all for that service, app, website or whatever.

This has many benefits including:

  • Puts you in control
  • No need for disconnecting
  • Access regionally restricted content

Basically, only a part of your traffic – the part that you individually select – will go through VPN servers and be protected.

Although most VPN apps will push all of your usage through their servers, letting you choose which will fall outside.

How does Split Tunnelling work?

Split Tunnelling can work in two different ways, depending on how you wish to use it.

It can either protect all of your apps and traffic except for some that you specifically exclude, which is how conventional Split Tunnelling works.

“protect all of your apps and traffic except for some that you specifically exclude”

Alternatively, you can also use what is known as ‘Inverse Split Tunnelling‘, which is the complete opposite of the first one.

None of your traffic is protected, apart from specifically selected apps or devices. You can choose to protect as many apps as you wish, depending on your needs.

However, as previously mentioned, most VPN apps use the usual method of securing everything except that which you specifically select.

But wait, there is more…

Do I need Split Tunnelling?

You may be wondering, Do I even need Split Tunnelling?.

If you are, the answer depends on you and on what you want to do.

If you wish certain apps to fall outside of the VPN connection, or you want only certain apps to be protected, this is the best way to do it.

It’s also possible in some cases to have specific websites to fall outside the connection but this can be less common and depend much on what device you’re using.

So about those critical use cases…

If you are having trouble connecting to your bank account or PayPal from abroad, you may wish to use a VPN to connect to your home country and access it easier, while allowing other content to use your overseas connection.

Getting frozen out of sites isn’t much fun:

Genius Kitchen Blocked

Alternatively, if you are sitting at home, connected to an out of country server, and you have trouble accessing your bank account or PayPal, you can also avoid protecting that part of traffic and use your local connection to gain access to it easier.

Much depends on your usage and needs.

Are there negatives to Split Tunnelling?

Unfortunately, there are a few flaws with Split Tunnelling that you should be aware of:

  • User error in configuration
  • Forgetting to remove exceptions
  • Unprotected traffic

For example, none of the traffic that is excluded from going to the VPN server is protected.

That means that your ISP can see and record some of it, and so can hackers in some circumstances if you happen to use public Wi-Fi to which the hacker is also connected.

Other than that, there are no significant disadvantages or negatives to using this process, although there are quite a few uses, as mentioned before.

Who offers Split Tunnelling?

We have mentioned this at the beginning, but not all VPNs are offering Split Tunnelling, so it pays to do some research before signing up to just any VPN service.

This is because not all VPNs are the same, and many services only have the basic VPN features, such as encryption, security protocols, and server networks.

Split Tunnelling is usually filed under the category of additional feature. It’s also a feature of their dedicated apps rather than their VPN service itself.

Some of the ones that offer include:

All three are well-known in the VPN industry, and some of the most trusted providers out there.

They also offer expert security features, large server networks, and other useful features such as a money-back guarantee.

Of course, these are all premium VPNs, so you should also keep that in mind, but they are not expensive, and your security and privacy are definitely worth the price.

Now, there is one more point I need to make…

Do free VPNs offer Split Tunnelling?

If you were planning on using a free VPN, you should be aware right now that these services do not offer Split Tunnelling.

It is an advanced feature that is only present on the best services, and free VPNs, being free, usually don’t bother with added bells and whistles.

This is hardly surprising, as they usually lack any features beyond what is necessary to be called a VPN in the first place.

Even those basic features are of lesser quality. Remember – you get what you pay for.


Split Tunnelling is only one feature that can be found in the top VPNs’ arsenal, but it is definitely one that has its uses.

It allows you to protect only certain apps, websites or services, or exclude them from total protection; however you choose to use it.

It has multiple advantages, and not that many flaws, so we believe that it is a welcome addition to any VPN app.

Unfortunately, as an advanced feature, it can only be found as part of the best VPNs out there, so make your choice carefully when picking a service that you wish to use.

Illustration © Ahasoft | www.dreamstime.com

Author: Ali Raza

Ali is a journalist with a keen interest in VPN usage. He is an expert in the field and has been covering VPN related topics for VPNCompare and numerous well-respected publications for many years.


  1. Condo Ghost

    You mention that NordVPN offers ‘split tunneling’? I’ve not seen that with their desktop app nor their browser extension, and specifically with their browser extension, it ‘ignores’ ‘No proxy for:’ connection settings making it ‘difficult’ with the likes of Google, Microsoft, Hotmail. Yahoo mail, most banking websites and many other websites especially those requiring payment authorization these days who red flag every time an IP address is used that differs from the last time logged-in forcing secondary security protocols that unfortunately are often OTP to a registered mobile number despite having a 27-character password set of uppercase. lowercase, numeric and special characters as well as a memorable answer and/or a 6-digit code where we are required to enter 3 randomly selected digits of that 6-digit code. It seems many websites particularly in Europe are taking the route of ‘lowest common denominator’ believing that despite all this ‘security’, a ‘change of IP address’ is a ‘red flag’ that necessitates ‘external two-step mobile verification’ rather than an internal verification such as keying and matching a ‘second stored password’ or an OTP sent to a designated email address.

    • Christopher Seward

      Hi Condo Ghost,

      You’re correct, NordVPN does offer it, but it seems only on their Android app currently, we should have made that clearer.

      On your second point I definitely agree. While a change of IP Address may have been a red flag 5 or 10 years ago, it should no longer solely be the case but it appears, as you say, it is still a determining factor for many services.

      Often it seems these systems kick in when you least want them to, but fail to in other circumstances. There are some other providers which offer split tunneling across a wider range of apps, have you considered changing?

Leave a Reply

Your email address will not be published. Required fields are marked *