What Split Tunneling Is
When you connect to a VPN, all your traffic normally routes through the VPN server. Split tunneling lets you specify which apps or websites use the VPN and which connect directly. The result: sensitive traffic gets VPN protection while bandwidth-heavy or latency-sensitive traffic bypasses the encryption overhead.
Common Use Cases
Video streaming is the most common split tunneling use case. If Netflix or YouTube are in your direct connection list, they stream at full speed without the VPN adding latency. Online banking and password manager sync can go through the VPN for security. Local network devices like printers and NAS drives need direct connection to work at all when using a VPN.
Inverse Split Tunneling
Most VPN apps offer both regular and inverse split tunneling. Regular: specific apps use VPN, everything else is direct. Inverse: specific apps bypass VPN, everything else routes through it. Inverse is easier to manage if you only have a few apps that need to bypass the VPN. Enable it and add your streaming apps to the bypass list.
Security Considerations
Split tunneling means some of your traffic is unprotected. On untrusted networks like public Wi-Fi, be careful about what you put in the direct connection list. Any app in the direct list is visible to the network. Stick to streaming, gaming, and other low-sensitivity traffic in the bypass list when on public networks.
Which VPNs Support It
ExpressVPN, NordVPN, Surfshark, and Mullvad all support split tunneling on Windows and Android. iOS support is more limited due to Apple's network extension restrictions. On iOS, only per-app VPN configuration is available, which achieves a similar result through different technical means.