Today we’re going to talk about the best VPNs with split tunneling. By the time we are done, you’ll know how split tunneling works, why you might need it, why you might not want to use it, and the names of some top VPNs that include this feature. Let’s get right to it, shall we?
What is split tunneling with a VPN?
Normally, when you turn on your VPN, all message traffic between your device and the VPN server flows through the VPN’s encrypted tunnel. This is how a VPN fulfills its promise of securing your communications from snooping by your ISP, or anyone else who wants to spy on your online activities.
Split tunneling is a VPN feature that lets you send some message traffic through the VPN’s encrypted tunnel while other traffic goes outside the VPN. That might sound crazy. After all, you are paying good money to make sure your message traffic is safely encrypted. Why in the world would you want to have some traffic travel outside the secure tunnel?
Why you might need split tunneling
There are actually several reasons why you might need to use split tunneling. We can break these down into four types of needs (in no particular order). You might have:
- A need for speed
- A need for local connections
- A need to avoid blocks
- A need to go to work
Let me explain each of these now.
1. Split tunneling for speed
As you know, VPNs provide many benefits. In most cases, however, speed isn’t one of them. To understand why, let’s take a look at what happens when you communicate with a website or internet service without using a VPN.
When you communicate with a website or internet service through a VPN, communication can slow down, even with the fastest VPN. Every time a message goes out from your device, this is what happens to it:
- The VPN software on your device or router encrypts the message before sending it out onto the internet.
- The message arrives at a VPN server.
- The VPN server decrypts the message and replaces your IP address with its own before sending the message through the internet to the destination.
Regardless of the speed of your internet connection, the physical distance between your device and the destination, and any other considerations, all this extra encrypting and decrypting takes time. The result is an increase in the latency of the connection. Note that the latency of the connection and its bandwidth are two different things.
Bandwidth is how much data your internet connection can move per second. For example, a 100 Mbps internet connection can move 100 million bits of data per second.
Latency is the amount of time it takes for a message to travel from your device and for a response to return to your device. A latency of 50 ms means that it takes 50 milliseconds for a message from your device to travel to its destination and a response to return.
Note: Latency is also referred to as ping or ping time.
Bandwidth is the most important characteristic for things like streaming video or reading web pages. For tasks like these, latency doesn’t usually matter. Whether it takes 50 ms (five-hundredths of a second) or 200 ms (two-tenths of a second) for the streaming service or web page to respond to messages isn’t going to make any real difference to you.
Here’s a link to our review of the best VPNs for streaming.
Where latency becomes important is when you are doing interactive activities like computer gaming. For most online games, the lower the latency the better. Imagine you are playing a first-person shooter. A latency of five-hundredths of a second is not likely to be a problem but a latency of two-tenths of a second is surely going to be fatal (for your character, not for you!).
What all this means is if you are doing anything online that requires real-time responsiveness, you may well need to run this particular connection outside the VPN to keep the latency down.
If gaming is important to you, check out this review of the best VPNs for gaming.
2. Split tunneling for local connections
While one benefit of using a VPN is the encrypted tunnel it provides, the other benefit is the way it hides your IP address by substituting its own. Normally that IP address swap is great. But what if you need access to resources on your local network such as a printer or NAS (Network Attached Storage)?
Those local resources will typically only be available to devices within the network’s range of acceptable IP addresses. You won’t be able to connect to them through the VPN connection, since the VPN server’s IP address definitely won’t be accepted.
The solution is to configure your VPN’s split tunneling so that you access local resources directly instead of through the VPN.
3. Split tunneling to avoid blocks
Some online services are good at keeping you from connecting using a VPN. In particular, streaming media services (Netflix, Hulu, and so on) and banks often do a good job of blocking connections from IP addresses known to be used by VPN services. Disconnecting the VPN to use these services is not only a hassle, but it prevents you from simultaneously connecting to sites and services that do require VPN use.
Split tunneling may solve this problem for you. If you are using a local streaming service (you are in the US connecting to a US-based service for example), then you won’t need the VPN to connect. And virtually all banks that allow online banking have strong encryption in place so you don’t need the VPN to protect your account.
Configuring your VPN to run local streaming and online banking outside the tunnel could get you past their VPN blocks and give you a faster connection too. But don’t forget to use the VPN whenever possible! While you are not likely to be targeted in the global hacking spree the US and allies are blaming on China, there are plenty of non-State actors out there looking to hack any vulnerable target.
4. Split tunneling to go to work
In today’s work-from-home world, you need to be careful about what you do online. Many companies require you to connect to the office network through the company’s VPN connection. Not only could this make the company network vulnerable to hackers, but it could also lead to awkward personal situations.
Imagine that you are working from home and connected to the company’s VPN. You decide to take a break and check your personal email. Because you are connected to the company VPN, all your message traffic passes through the company’s network enroute between your device and your personal email service. And in many countries, employees have no right to privacy for any messages on the company network.
In other words, if you read your personal email, or visit Facebook pages, or check out those NSFW photos from last weekend’s big party while connected to the company network, the company gets access to that stuff too. Not good. Potentially very, very bad.
The solution would be to configure split tunneling so that connections to the company go outside your VPN and through the company’s secure connection, while your personal activities remain protected by your VPN.
Types of split tunneling with VPN services
We need to talk about the types of VPN split tunneling now. But before we do, you should know that this feature isn’t very standardized. Different VPN services call their split tunneling features by different names. Surfshark calls their split tunneling feature, the Bypasser, while both ExpressVPN and NordVPN call theirs Split Tunneling.
Likewise, different VPN services implement different combinations of the different types of split tunneling. Right here we’re going to talk about the types of split tunneling that exist, and sort out which ones are used by each particular VPN service (and what each VPN calls them) in the summaries that follow.
There are three types of split tunneling we need to consider:
- App exclusion (standard split tunneling) – By default, all traffic goes through the VPN, but you can choose to exclude specific apps from using the VPN tunnel. The excluded apps connect directly to the internet.
- Inverse split tunneling – By default, all traffic goes directly to the internet, but you can choose to send traffic from certain apps through the VPN tunnel. This is often referred to as inverse split tunneling. Do you need inverse split tunneling? It all depends on your situation and what you are looking to do with the VPN.
- Specifying URLs – This type of split tunneling is done by browser extensions. By default, all connections to websites are protected by the VPN, but you can specify certain URLs that will see your real IP address instead of the VPN server’s IP address.
How to use a split tunneling VPN
Every VPN does things a little differently and each one offers slightly different options. However, a specific example could be useful, so we’re going to walk through the steps of using split tunneling with the NordVPN desktop client running on Windows 10. This VPN doesn’t have too many options or requires lots of tricky steps to get things set up.
Setting up a VPN with split tunneling
Using a VPN with split tunneling is as simple as enabling the feature within the VPN app. For this example, we’ll look at this with NordVPN.
- Launch the NordVPN desktop client. Log in (if necessary) but do not connect to a VPN server!
- Click the gear icon in the NordVPN window to open the Settings page.
- In the menu on the left side of the window, select Split tunneling. This opens the Split tunneling page.
- Flip the Split tunneling toggle switch in the top right to On.
- If you want to send most of your traffic through the VPN (this is what we recommend), select Disable VPN for selected apps. If you want to only have a few apps go through the VPN tunnel, select Enable VPN for selected apps only.
- Click the Add apps button at the bottom of the page. This opens a list of the apps on your computer.
- Place a check next to the apps that will be affected by the option you selected two steps ago.
- Click the Add selected button. The list closes and you return to the Split tunneling page.
- Click the back arrow at the top left of the page to return to the main NordVPN page.
- Connect to the VPN network and enjoy split tunneling.
Now that we’ve got all that covered, it is time to look at the best VPNs for split tunneling.
The best VPNs for split tunneling
It is time to reveal our picks for the best VPNs for split tunneling. Keep in mind, the best VPN is subjective and depends on your own needs and preferences. Read the short descriptions below and see which one looks like the best match for your situation. Each VPN below offers a 30 day money-back guarantee along with 24/7 live chat support, so you can safely download and test these VPNs for split tunneling before making a long-term commitment.
In case you want more information, we’ve included links to our in-depth reviews of each of these VPNs at the end of each section.
NordVPN – The most reliable VPN with split tunneling
|Logs||No logs (audited)|
|Support||24/7 live chat|
Split tunneling is available for: Windows, Android, and Android TV apps
When it comes to raw speed, NordVPN leads the world. Since upgrading to the WireGuard VPN protocol, NordVPN has clocked the fastest VPN speeds we have tested so far. All VPNs have some negative impact on the speed of your internet connection. Many VPNs have a drastic effect, reducing the speed of your connection by 25%, 50%, even more. But NordVPN typically only slows things down by 10-15%, an amount that you won’t even notice under most circumstances.
Aside from performance, NordVPN also delivers the highest levels of privacy and security. It uses very strong encryption and offers a variety of specialized VPN servers for specific use cases. They also include CyberSec, a feature that blocks malicious ads, trackers, malware and phishing domains.
This service ranks high for both streaming and torrenting, thanks to its huge network of secure, diskless servers. Like ExpressVPN, NordVPN keeps no logs of your online activities, and has third-party audits to prove it.
How to use split tunneling VPN with NordVPN
When it comes to split tunneling, NordVPN supports only Windows and Android devices at this time. On the other hand, setting and using split tunneling seems a little bit easier than with other services. All you need to do is enable split tunneling directly within the VPN app. As you can see below, there are two different split tunneling VPN options you can select:
It’s also important to note that NordVPN offers lots of other privacy and security features, beyond just split tunneling.
- Double-VPN servers that encrypt traffic over two hops.
- Tor-over-VPN servers that give you an extra layer of privacy by routing traffic through the VPN server and the Tor network.
- CyberSec feature to block ads, trackers, and malware domains (currently the best VPN with ad blocking).
- Obfuscated servers that allow you to use the VPN in areas or networks where VPNs are blocked.
- Full streaming support for Netflix, BBC iPlayer, Hulu, Amazon Prime Video, Disney Plus, and many more.
If you only need Windows and/or Android split tunneling, NordVPN could be a good option. It is extremely fast, reasonably priced, and at or near the top of the pack in every one of our VPN testing categories.
- User-friendly and reliable apps
- Double-VPN and Tor-over-VPN servers
- No logs (audited twice)
- Strong encryption standards with full support for WireGuard
- Works with Netflix and many other streaming services
- CyberSec feature to block ads, trackers, and malware domains
- 24/7 live chat support
- Dedicated RAM-servers with 10 Gbps bandwidth channels
- Big discounts only available with long-term subscriptions
Click here to read our complete NordVPN review.
Surfshark – The best value split tunneling VPN service
|Based in||The Netherlands|
|Support||24/7 live chat|
Split tunneling (Bypasser) is available for: Windows and Android
Another solid option for a split tunneling VPN is Surfshark. This VPN service brings premium security features, excellent speeds, and well-designed apps. Its network has 3,200+ servers in 95 countries, all running in diskless (ram-disk) mode for maximum security.
Like NordVPN, Surfshark offers the WireGuard VPN protocol in all their VPN apps, including with the new Linux VPN GUI app. In our speed tests, Surfshark was only bested by NordVPN, as you can see in the Surfshark vs NordVPN comparison.
Surfshark apps have a VPN kill switch that prevents data leaks that could compromise your privacy. They also offer additional privacy features like CleanWeb. The CleanWeb feature is a VPN ad blocker that can also filter out trackers and malware domains. Lastly, Surfshark has several specialized servers for various use cases.
One particularly appealing aspect of Surfshark is that each subscription allows for an unlimited number of simultaneous connections. Add in their low price, and you can see what a great value Surfshark could be in heavily connected offices or households. This is one of the cheapest VPNs that still delivers premium performance and features.
How to use split tunneling VPN (Bypasser) with Surfshark
While Surfshark only offers split tunneling for Windows and for Android, it gives you more control over what gets routed through the VPN tunnel or around it. If you look at the image below, you can see that Surfshark lets you choose which apps go through the secure VPN tunnel. It also has an option to control which websites and IP addresses bypass the tunnel. This can simplify your life by putting all of your split tunneling options in one place.
If you have a lot of devices you need to connect to the internet through a VPN, or just want a great value on a high-quality VPN with split tunneling, Surfshark is worth considering.
Surfshark is currently the cheapest VPN on our list when you use the coupon below.
- Unlimited connections
- User-friendly apps for all devices and operating systems
- CleanWeb feature to block ads, trackers, and malware domains
- Works great with Netflix and many other streaming services
- 24/7 live chat support
- Strong encryption and leak protection features
- Limited support for VPN routers
- Average OpenVPN speeds (use WireGuard)
Click here to read our complete Surfshark review.
ExpressVPN – Split tunneling VPN on more types of devices
|Based in||British Virgin Islands|
|Logs||No logs (audited)|
|Support||24/7 live chat|
Split tunneling for: Windows, Mac OS, Android, and routers
ExpressVPN is a very reliable service that has always performed well across the board. It is faster than most VPNs (although slower than NordVPN and Surfshark) and has some great features. ExpressVPN does very well in the areas of security and online anonymity, thanks to very strong encryption and secure apps.
ExpressVPN offers user-friendly apps for most operating systems and devices, including routers and set-top boxes. The apps are simple to use and include leak protection thanks to their integrated Network Lock feature, which is a VPN kill switch.
If you enjoy streaming, ExpressVPN does a good job of unblocking all the major services (except for occasional problems with BBC iPlayer) and is fast enough to give good quality HD playback. If torrenting is your thing, ExpressVPN’s combination of strong encryption and reliable kill switch should keep your IP address safely hidden while you download content.
We should also point out that ExpressVPN has a very large network of VPN servers spread across 90+ countries and has had their security and no-logs VPN status affirmed by third-party audits. In short, you can be confident that ExpressVPN will keep you safe online.
How to set up the VPN split tunneling feature with ExpressVPN
ExpressVPN offers a full range of split tunneling features. As is common for services that support it, split tunneling is available for Windows and Android. But ExpressVPN doesn’t stop there. Split tunneling is a feature in their Mac OS and router apps as well. Setting up the VPN split tunneling feature with ExpressVPN is simple. All you need to do is enable it within the VPN app, as you can see below.
The VPN router support is particularly interesting. It would allow you to apply split tunneling to all sorts of devices that would otherwise not be able to use the feature. We also tested out this feature in our review of the Vilfo VPN router.
ExpressVPN is a little more expensive than our other picks, but if you want a reliable VPN that can do split tunneling on the greatest variety of devices, ExpressVPN could be the answer.
- User-friendly and secure apps
- Split tunneling feature (for Mac OS, Windows, and routers)
- Works with Netflix and most streaming services
- 24/7 live chat support
- Passed independent third-party audits for security and no-logs
- Very large server network
- Above-average prices
- Fewer features
- Average OpenVPN speeds (use Lightway)
Read our complete ExpressVPN review for more details.
PrivadoVPN – A privacy-focused VPN with split tunneling
|Support||Live chat; Email|
Split tunneling is available for: Windows, Android, and Amazon apps (such as when using a Firestick VPN app)
Next up on our list of split tunneling VPN services is PrivadoVPN. This is a privacy-focused VPN service that is based in Switzerland. Having launched in 2019, PrivadoVPN is a relative newcomer compared to some of the more established VPN brands. Despite this, however, it is making gains in the industry with a growing user base and a polished lineup of VPN apps.
PrivadoVPN checks all the boxes for privacy and security. This VPN gives you maximum protection with a built-in kill switch on all VPN apps. The company also has a strict no-logs policy and it is based in Switzerland, which is an excellent privacy jurisdiction.
PrivadoVPN supports the WireGuard VPN protocol directly in its VPN apps (except for Mac OS and Linux). This gives it excellent performance, with download speeds over 200 Mbps in our tests. It is also a great VPN for Netflix and other streaming services.
Using the split tunneling VPN feature with PrivadoVPN
Like the other services featured above, all you need to do with PrivadoVPN is enable the split tunneling VPN feature directly in the apps. Split tunneling is currently available in the Windows, Android, and Amazon apps, but PrivadoVPN is developing it for other platforms right now as well.
- User-friendly and secure VPN apps
- Fast and consistent speeds
- Works with Netflix and other streaming sites
- Affordable prices (with a free plan)
- Strong encryption and security (with WireGuard)
- No logs and based in Switzerland
- macOS app needs some work
- Smaller server network
- No obfuscation (stealth VPN)
Check out our PrivadoVPN review here for more info and test results.
Split-Tunneling VPN FAQs
Here are a couple of the most common questions we come across when the subject is split tunneling VPNs.
Are there other VPNs that offer split tunneling?
Yes, there are other VPNs that offer split tunneling, but for various reasons, they did not make the cut to be featured and recommended in this guide. Here are a few examples:
- Private Internet Access – This VPN offers split tunneling, but it comes with many drawbacks. Aside from the US jurisdiction and massive privacy risks, there are also issues with speeds. You can see this clearly in the NordVPN vs PIA comparison report.
- Proton VPN – Proton VPN is often on our list of recommended VPNs, and it does have a lot to offer. However, some of the drawbacks include: higher prices, slow speeds, and restrictions on network, servers, and features (too many restrictions). The speed comparison can be seen in our ProtonVPN vs NordVPN guide.
- CyberGhost VPN – This VPN offers limited split tunneling features in some of its apps. However, like ProtonVPN, the speeds were not up to par (see the CyberGhost vs NordVPN comparison). We also found CyberGhost to get blocked by streaming services in our tests. Finally, CyberGhost also keeps some basic connection logs. This means it is not a recommended no logs VPN service.
Are there any drawbacks of using a split tunneling VPN
Split tunneling can be a real plus, but it does have some drawbacks. One is that you need to figure out which apps and/or websites you want to access through the VPN and which you want to access directly (without the VPN). It can be a pain, but it is mostly a set-it and forget-it job.
The second problem is scarier, but more nebulous. Any time you access the internet without a VPN, you expose your traffic and IP address to the world. This can create big risks depending on your situation. For example, if you are using a VPN for torrenting and forget to turn it on, you could face heavy fines for copyright violation.
Which is the best VPN for split tunneling?
Unfortunately, there isn’t a single best VPN for split tunneling. If you want to install a VPN app on your router and do split tunneling, ExpressVPN is the best VPN for split tunneling in that case. If you want to have a large number of devices protected, Surfshark, with its unlimited connections, is probably the best bet. Finally, if you want the fastest possible connection for the apps that are protected by the VPN, then NordVPN is the winner.
Does split tunneling increase latency?
No, split tunneling does not increase latency. It can decrease it. With split tunneling, if an app needs low latency or ping, you can configure the VPN so the specified app communicates outside the VPN. This can improve latency.
Apps that use the encrypted VPN tunnel will probably have a higher latency than those that don’t use the tunnel.
Conclusion: Use a good split tunneling VPN in 2022
In this article we learned what split tunneling is, why you might want to use it, and why you might not want to. Then we examined the three top VPNs with the split tunneling feature. Each one does its job well, but each has its own plusses and minuses, making it impossible to anoint one as the best VPN for split tunneling.
We encourage you to learn more about the split tunneling VPN service that looks best to you by following one of the links in the body of this article, or hit one of the links below to download your favorite choice and start testing it right now. Remember that each of these services offers a 30 day money-back guarantee along with 24/7 live chat support so you’ll always have the help you need.
Simplify your online life by putting split tunneling to work today!
This split tunneling VPN guide was last updated on July 13, 2022.