Split tunneling is a VPN feature that lets you pick which apps go through the encrypted tunnel and which use your regular connection. Used right, it solves real problems. Used wrong, it leaks the data you thought you were protecting.

How it works

The VPN client adds routing rules: "send traffic from app A through the VPN, send traffic from app B over the local network." Some implementations split by app, others by destination domain or IP range.

When split tunneling makes sense

• Streaming local content: route Netflix through your home connection (so it sees the right country) while torrenting through the VPN.
• LAN access: reach your printer, NAS, or smart home devices on your home network while VPN is on for other traffic.
• Banking and sensitive logins: some banks lock accounts when they see foreign IPs — split tunnel those apps to your real connection.
• Gaming: lower latency on your real ISP for games while keeping general browsing on the VPN.

When NOT to use it

• Threat model includes your ISP — anything outside the tunnel is visible to them.
• Privacy-critical work — easy to forget which apps are protected and which aren't.
• Public Wi-Fi — split-out traffic is vulnerable to local sniffing.

Where to find it

NordVPN, Surfshark, ExpressVPN, ProtonVPN, Mullvad — all support split tunneling on desktop, most on Android. iOS has technical limits that prevent app-level split tunneling on most VPNs.

Inverse split tunneling

The reverse mode: "only these apps go through the VPN, everything else uses normal connection." Useful when you only need protection for one specific app (a torrent client, a browser tab in a separate browser).

Try it now

Curious what your IP is showing the world right now? Check your IP address & location instantly with our free tool — no signup, nothing stored. Or trace any other IP to see its geolocation, ISP, and network details.