When you connect to a Virtual Private Network, data travels between your device and the web via a proxy server that acts as a middleman. In many cases, you might not want all of your traffic to travel through the VPN server. Some VPN apps have a function called “split tunneling” that allows you to choose which apps, websites, or devices use the VPN and which use a direct connection to the internet. That way, your sensitive data is kept to yourself and away from prying eyes.
Though it’s possible to set up split tunneling on various operating systems, even if it’s not built into your VPN, it’s far simpler to configure if it’s integrated into the VPN app. But not all, and in fact not many, VPN providers offer this service. In this post, we reveal the best VPNs for split tunneling and how to get started with one.
We’ll discuss each of the VPNs we recommend in more detail later in this article, but in case you’re in a rush, here’s a quick summary.
Best VPNs for Split-Tunneling:
- NordVPN Our first choice for split tunneling. Gives you the option of only tunneling web traffic. Plus, it has strong security and privacy features, great speeds, and comes with a 30-day money-back guarantee.
- Surfshark Our top-budget VPN choice with split tunneling. Fast and privacy-conscious, this VPN lets you tunnel your apps or certain websites. Allows unlimited simultaneous connections.
- ExpressVPN Offers a variety of split tunneling methods in both its apps and its custom router firmware. Superfast servers in 94 countries and top-notch privacy.
- CyberGhost Beginner-friendly provider. Easy-to-use. Vast server network. Includes “smart rules” that divert different apps through different servers.
- IPVanish Offers split tunneling on its Android and Fire OS apps. Popular provider for Kodi users and torrenters. No device limit.
- Private Internet Access Supports split tunneling on all platforms except iOS. Steady speeds, customizable security features, and no connection limit.
- Atlas VPN An ultrafast service with split tunneling functionality on Android. Doesn’t keep any logs, impose a connection limit, or compromise where privacy is concerned.
TRY THE TOP-RATED VPN RISK FREE
NordVPN is offering a fully-featured risk-free 30-day trial if you sign up on this page. You can use the VPN rated #1 for split tunneling with no restrictions for a month – great if you want to test out the service before making a commitment.
There are no hidden terms – just contact support within 30 days if you decide NordVPN isn't right for you, and you'll get a full refund. Start your NordVPN trial here.
Best VPNs for split tunneling: at a glance
We’ve compared the most important features of the top VPNs here. Prefer to read the in-depth reviews? Start with NordVPN – our #1 choice for split tunneling.
|No value||NordVPN||Surfshark||ExpressVPN||CyberGhost||IPVanish||Private Internet Access|
|Website||NordVPN.com||Surfshark.com||ExpressVPN.com||Cyberghost.com||IPVanish.com||PrivateInternetAccess.com||Ranking for split tunneling:||1||2||3||4||5||6||Streaming Services||Netflix|
|Avg Speed (Mbps)||100+ Mbps||100+ Mbps||100+ Mbps||100+ Mbps||100+ Mbps||73 Mbps||Popular Sites Unblocked||95%||88%||86%||85%||70%||70%||Simultaneous Connections||6||Unlimited||5||7||Unlimited||Unlimited||Activity logs||None||None||No identifying data||No identifying data||No logs stored|
|Best deal (per month)||$3.19|
SAVE 61% + 3 months FREE
Get 2 Months FREE with a 2-year plan
SAVE: 49% on the annual plan
SAVE up to 84% on the 2 year plan + 3 months free
SAVE 74% on the 2 year plan
SAVE 82% on the 2 yr plan + 500GB cloud storage solution
Best VPNs for split tunneling
There wouldn’t be much point in getting a VPN that includes split tunneling if other areas of the service are below par. So, we included a number of other criteria in our search for the best VPNs for this list. These include:
- Delivers a fast, reliable service
- Strong focus on security and privacy
- Prompt and knowledgeable customer support
- Wide global server selection
- Securely accesses major streaming services (Netflix, BBC, Amazon Prime Video etc).
All of our selected VPNs for split tunneling below meet these standards and more.
You can read more about how we test and rank the VPNs we recommend in our methodology section below. For now, let’s take a look at the ones that made the cut.
Here’s our list of the best VPNs for split tunneling
Money-back guarantee: 30 DAYS
NordVPN is our top choice VPN for split tunneling. It offers excellent security and the ability to securely access a wide range of streaming services, including Netflix. It offers access to more than 5,500 servers in 60+ countries, and you get six simultaneous connections per account.
NordVPN has apps available for Windows, macOS, Linux, iOS, and Android devices. However, it’s the service’s browser extensions for Chrome and Firefox that will give you the ability to implement split tunneling. You can choose which websites use the VPN and which use a direct internet connection.
Note that to do this, you must leave the desktop app off and turn the browser extension on. All of your browser traffic will go through the VPN tunnel while all other apps on your device remain unprotected.
- Split tunneling available on browser extensions
- Wide network of over 5,500 servers in 60+ countries
- Excellent speeds for streaming
- Works with Netflix USA and other streaming sites
- Plenty of strong security and privacy features features
30-day money-back guarantee
- Occasional slow server
BEST VPN FOR SPLIT TUNNELING:NordVPN is our top pick for split tunneling. Having the chance to use split tunneling as well as enjoying extra security features makes this VPN a strong choice. NordVPN offers a 30-day fuss-free money-back guarantee with each subscription.
Read our full NordVPN review.
Money-back guarantee: 30 DAYS
Surfshark is a budget-friendly VPN that doesn’t compromise on service. It runs 3,200+ servers in more than 100 countries, which makes it easy to obtain a high-speed, low-latency connection wherever you are. It’s capable of securely accessing popular services like Netflix US and Amazon Prime Video from anywhere in the world, and as there’s no connection limit, you can secure every device you own with a single account.
This VPN’s split tunneling feature allows you to let specific apps or websites bypass the VPN entirely. There’s also 256-bit AES encryption, a kill switch (in all versions), and protection against IPv6, DNS, and WebRTC leaks, as well as a NoBorders feature that bypasses country-wide internet blocking. Surfshark doesn’t log any data that could identify you, but if you’re concerned, you can sign up almost completely anonymously using cryptocurrency and a throwaway email address. Support is on-hand 24/7 over live chat in case of any issues.
Surfshark provides apps for iOS, Windows, MacOS, Android, and Linux devices. Wireless routers are also supported but must be configured manually.
- Servers located in 100+ countries
- Lets you protect all of your devices at once
- Puts major emphasis on security
- Doesn’t keep any logs
- Lets you pay with Cryptocurrency
- Some features require an additional payment
BEST BUDGET OPTION:Surfshark has no connection limit, a no-logging policy, and cutting-edge security features, which means users can rest assured that their privacy is in good hands. A 30-day money-back guarantee is also included.
Read our full Surfshark review
Money-back guarantee: 30 DAYS
ExpressVPN is very thorough when it comes to split tunneling. This feature is available in the Windows and macOS desktop apps. In both cases, the settings area of the VPN app includes a split tunneling definition page. You can send all traffic through the VPN, send only traffic originating from specified apps, or send all traffic except for that originating from specified apps. These are known as ‘split-include’ and ‘split-exclude’ options. Most VPNs that implement split tunneling only work on one of these methods, but with ExpressVPN you get both.
ExpressVPN is one of the few providers that includes an app to install on your flashed wifi router. This app includes options to implement another type of split tunneling. You can specify which devices in your home will have all of their traffic channeled through the VPN and which will be left unprotected. The router split tunneling screen lists all recently connected devices and shows an on/off toggle next to each – the devices don’t have to be connected at the time of nomination.
Standard features on ExpressVPN include strong encryption, access to servers in 94 countries (with local IP addresses), an allowance of five simultaneous connections, and the ability to securely access Netflix and many other streaming services. Apps are available for Windows, macOS, Linux, Android, and iOS.
- Split tunneling per device at the router level
- Both split-include and split-exclude are possible with the desktop apps
- Very good speeds
- 24/7 live chat customer support
- Works with Netflix and other streaming platforms
- Slightly more expensive than other providers
- Streaming servers aren’t labeled
GOOD ALL-ROUNDER:ExpressVPN is a good choice and gives you a lot of options for split tunneling. Fast speeds and strong security complete the package. A 30-day no-fuss money-back guarantee means you can try it risk-free.
Read our full ExpressVPN review.
Money-back guarantee: 45 DAYS
CyberGhost‘s split-exclude option lets you pick which websites should use the VPN and which should use a direct connection. If you prefer a website-based split tunneling feature in addition to an app-based one, this is the VPN for you.
The split-include option lets you decide which applications should be covered by the VPN. You can specify a different server location for each app that you nominate for protection. Split tunneling can be accessed through the Preferences tab of the desktop app. The Smart Rules section of the Preferences settings has two versions of split tunneling.
This VPN gives access to servers in 90 countries (with local IP addresses). It works with a wide range of streaming services including Netflix. Apps are available for Windows, macOS, Android, iOS, Linux, Amazon Fire TV, and Amazon Fire Stick. You can connect seven devices at a time.
- Split-exclude feature for websites and split-include feature for applications
- Ability to connect to multiple servers simultaneously on the same device
- Fast, reliable service
- Vast network of over 9,000 servers in 90+ countries
- 45-day money-back guarantee
- Doesn’t work in China or the UAE
- Lack of advanced configuration options for power users
STRONG SECURITY:CyberGhost offers excellent flexibility when it comes to split tunneling as well as high-grade encryption and anonymous accounts. The company gives a generous, no-questions-asked 45-day money-back guarantee.
Read our full CyberGhost review.
Money-back guarantee: 30 DAYS
IPVanish has some of the fastest speeds we’ve seen, which makes it great for streaming and torrenting. The company provides apps for Windows, macOS, Android, iOS, Linux Mint, Amazon Fire TV, and Amazon Fire Stick. The VPN can be set up manually on Ubuntu, Kali, and Fedora Linux, and select routers and set-top boxes. It’s a favorite among Kodi users.
The IPVanish apps for Fire OS and Android include a split tunneling feature. This lets you have some applications running through the VPN while leaving other traffic outside of the tunnel. For example, Kodi can run through the VPN, while Netflix uses a direct connection. IPVanish explains that its split tunneling feature was developed specifically to enable users to securely access services like Hulu and Netflix outside of the VPN connection.
In the Settings menu, the Split Tunneling section of the Connection preferences leads to a list of all apps detected on the device. Any applications that you mark with a check box in this screen will be excluded from the tunnel.
IPVanish operates servers in 60 countries. Users get an unlimited number of simultaneous connections.
- Split-exclude available on Fire OS and Android apps
- Very fast speeds
- No-logs policy
- Allows you to connect all of your devices at once
- Customer support is a little slow
- Doesn’t accept cryptocurrencies
SPLIT EXCLUDE ON ANDROID AND FIRE OS:IPVanish is a good choice for split tunneling on Android and Fire OS devices. Its fast speeds make it excellent for streaming and downloading, and you can use it on all of your devices at once. Gives a 30-day money-back guarantee on each subscription.
Read our full IPVanish review.
Money-back guarantee: 30 DAYS
Private Internet Access is a quick and capable service that lets you split tunnel on any device (except for those running iOS). It has servers in 84 countries and works with a huge range of geo-blocked platforms, from Netflix to BBC iPlayer. What’s more, it recently scrapped its connection limit, meaning you can secure an entire household with just one account.
This VPN shields your data from snoopers using powerful encryption, a kill switch, and leak protection. Additionally, it lets you switch DNS servers, connect via a random port, or use a multi-hop server for a second layer of anonymity. Private Internet Access doesn’t keep any logs, and we know this for sure because it’s been independently audited. Customer support is available around the clock over email or live chat, so you’re never more than a few minutes away from getting help.
PIA has apps for Windows, Linux, Mac, iOS, and Android. You can also manually install it on some routers.
- Split tunnel on most devices
- Connect as many devices as you like
- Impressive set of security tools
- Doesn’t offer split tunneling on iOS devices
- Some outdated information in the website’s support section
LOTS OF CHOICE:PIA has a large network, steady speeds, and a wide range of customizable privacy features. All plans come with a 30-day money-back guarantee, and live chat is available 24/7 in case of any issues.
Why not read our full Private Internet Access review?
Money-back guarantee: 30 DAYS
Atlas VPN allows split tunneling but only on Android devices. Still, it has a lot to offer, from its exceptionally-high speeds (270 Mbps in our latest tests) to its unparalleled unblocking ability. In other words, it’s an excellent choice for anyone looking to stream, play online games, or torrent anonymously. As if that wasn’t enough, Atlas VPN is one of the few providers that lets you protect every device you own simultaneously. Having trouble? Just reach out using the 24/7 live chat service.
This might be a newer provider, but it offers security features that many of its more established rivals can only dream of. There’s 256-bit AES encryption, a kill switch, leak protection, plus ad and tracker-blocking, servers that swap your IP address periodically, and a built-in data breach monitor. Best of all, Atlas VPN follows a no-logs policy, something confirmed by third-party auditors. Users can pay with a variety of cryptocurrencies if they’d like to sign up without linking their real names or bank details.
Atlas VPN apps are available for Windows, Mac, Android, Linux, and iOS. Unfortunately, there’s no router support at the moment, though this could change in the future.
- Faster than most of its rivals
- Innovative security tools
- Great for sharing with family
- No split tunneling on desktop or iOS
- Based in the US (a Five Eyes country)
KEEPS NO LOGS:Atlas VPN doesn't store any data that could identify you and provides some of the highest speeds we’ve seen. Split tunneling is limited to Android, but it works with most geo-blocked services. Includes a 30-day money-back guarantee.
Take a look at our in-depth Atlas VPN review to learn more.
Methodology: how we found the best VPNs for split tunneling
Comparitech aims to publish the most accurate, useful, and comprehensive VPN reviews and recommendations on the internet. To do that, our team personally uses and tests each VPN based on expert analysis, real-world experience, and several performance and security tests. When it comes to this list, we looked for the following features in addition to split tunneling:
- Speed: We measure download speeds and consistency on connections to VPN servers located around the world to ensure the VPNs we recommend are fast enough for day-to-day tasks like streaming, torrenting, gaming, and browsing.
- Security: Split tunneling can introduce serious security risks if not implemented properly. We ensure VPNs use adequate encryption and are free of data leaks.
- Streaming: We conduct real-world tests to find out which VPNs can reliably access popular streaming services, such as Netflix, Disney+, Amazon Prime, and Hulu.
- Customer support: Our reviewers contact each VPN’s customer support staff as secret shoppers to gauge response times and quality.
- Value for money: We favor VPNs that offer more bang for your buck and don’t engage in shady billing practices. We also look for the VPNs we recommend to offer free trials and/or money-back guarantees.
Learn more about how we rate and review VPNs on our testing methodology page.
Different types of split tunneling
VPN split tunneling can take a few different forms depending on how it decides what goes through the VPN and what doesn’t.
Most of the providers we recommend above let you split tunnel by app. You decide which apps use the VPN and which use a direct, unencrypted connection to the internet.
If you set up your VPN on a router, you could split tunnel by device. You can, for example, set your phone to use a normal connection and your PC to use the VPN.
Lastly, you can split tunnel according to your destination on the internet. The VPN could be configured to only kick in when you visit certain websites, for example. This is much less common than the other two types.
Pros and cons of split tunneling
- You can simultaneously use a direct connection and a VPN connection
- Conserves VPN bandwidth
- You can still access your local network, including printers and smart home devices
- Latency won’t suffer on non-VPN apps and devices
The main disadvantage of split tunneling is security. In theory, an attacker could exploit split tunneling by using it as a back door. An attack on your direct, non-VPN connection could infiltrate your VPN-protected connection through your device. But so long as it’s configured properly, split tunneling is safe for most users.
How to use a split tunneling VPN
The exact process for split tunneling varies by VPN, but below is a general guide.
Here’s how to use a split tunneling VPN:
- Open your VPN app (we recommend Nord VPN) and sign in if necessary.
- Before you connect, find the split tunneling setting in your app’s menu
- Add the apps that you want to go through the VPN to the list (or, if inverse split tunneling, the devices you don’t want to connect to the VPN)
- Ensure split tunneling is enabled. You might need to check a box.
- Connect to the VPN.
Split-tunneling VPNs: FAQs
Can I use a free VPN for split tunneling?
Although there are quite a few free VPNs available, we advise against using them. The facility for split tunneling is only available in very few VPNs, and none of those specialized VPNs are free to use.
Free VPNs typically can’t get past location blocks on video streaming sites, and they can really slow down your connection.
Be cautious of free VPNs because a lot of them are scams. One of the key services included in VPNs is encryption to prevent strangers from snooping on your internet activity. Many free VPNs don’t include any encryption at all. These are not only useless but dangerous because they give people a false sense of security.
Although some VPNs are free of charge, they are not charities. Some make money by forcing their users to watch adverts before they connect. Others sneakily inject adverts into the web pages that they channel. Some free VPNs even track the internet activities of their users and sell that information to marketers. This is ironic because one of the main selling points of VPNs is that they are supposed to protect your privacy on the web.
All-in-all, you are better off avoiding free VPNs and opting for a quality VPN service instead.
What can I do with split tunneling?
Split tunneling boasts a number of advantages and is quite handy in a lot of situations:
- Users in China can access foreign-only and China-only content at the same time. Works for other countries as well.
- Set which apps use the VPN, such as those that require more privacy. Your web browser can use a direct connection while your torrenting app uses the VPN, for example.
- If your wi-fi router supports split tunneling (e.g. ExpressVPN’s router firmware), you can choose which devices use the VPN and which do not. Game consoles can use a direct connection with less lag, for example, while your phone and laptop use the VPN.
- Access local network devices such as printers, smart home devices, and routers while using the VPN.
- Connect to local-only resources in a school or office while at the same time accessing websites and apps from behind a web filter
What is inverse split tunneling?
Inverse split tunneling functions the same way as normal split tunneling in most respects. Normal split tunneling protects all connected apps or devices except for those specifically excluded.
Inverse split tunneling only protects specified apps or devices, and everything else is excluded by default.
Just think of the difference between a whitelist and a blacklist; it’s conceptually the same thing. The “list” might be a list of devices, apps, websites, or even port numbers that connect—or do not connect—to the VPN.
Is split tunneling safe?
Split tunneling is perfectly safe assuming it’s well-implemented and you are fully aware of what data travels through the VPN and what doesn’t.
Can a VPN be restricted to a single site?
It depends on how split tunneling is implemented in your VPN app.
CyberGhost, for example, only allows for split tunneling of entire apps, and not specific websites.
Surfshark, in contrast, allows users to split tunnel specific websites and even IP addresses. You can enter which websites and IP addresses bypass the VPN while split tunneling is enabled (note: Surfshark calls this feature a “Whitelister”).
Does split tunneling add latency?
Apps and websites that bypass the VPN through split tunneling have no added latency or ping time.
Apps and websites that do route through the VPN will have the usual added latency that you would get with any VPN connection.
Are there any security risks of split tunneling?
Yes, split tunneling does come with some security risks. Put simply, attackers can infiltrate your device through the non-VPN connection, which in turn gives them access to your VPN connection as well as the sites, apps, and services you use while on the VPN.
Consumer VPNs generally don’t restrict or monitor users’ traffic and give open access to the internet, so the security risks are not too severe in most cases. This is a bigger concern for corporate environments using enterprise VPNs for, say, remote workers. Split tunneling could allow attackers to access a company’s private server through the client’s unencrypted connection.
Which protocols don't support split tunneling?
Does OpenVPN have split tunneling?
OpenVPN supports split tunneling, but not every VPN that uses the OpenVPN protocol offers split tunneling.
Is split tunneling difficult to set up?
It’s not at all difficult to set up split tunneling. The best VPNs for split tunneling make it quick and easy to do from within the VPN app. You should be able to find the split tunneling feature within the settings menu where you’ll be able to toggle it on or off.
Usually, you need to add the apps that you want to go through the VPN (any apps not selected will not have data encrypted). In the case of inverse split tunneling, all traffic is encrypted by default and you need to specify which apps you don’t want connected to the VPN.
See also: Best VPNs for routers