The thing is, while VPNs are an amazing piece of technology, they aren’t perfect for everything. Sometimes you need certain things not to go through your VPN. That’s where split tunneling comes into play. It’s a feature that can give you control over which devices in your network get the VPN treatment and which don’t.
Let’s say that you have two main ways to entertain yourself: you live to watch Netflix and to play multiplayer games. Even though a VPN lets you watch American Netflix, and there are some amazing VPNs for gaming, you might not want to use it all the time. Some multiplayer games are quite open when it comes to accessing their servers, so a VPN is not needed. However, how can you easily enable and disable your VPN when you switch between these two activities? Well, you can use split tunneling. Let’s see how this technology can be used.
Split Tunneling 101: What Is It & How to Use It?
We understand that some of you might be inexperienced when it comes to using VPNs. That’s why we’ll start with the beginning and we’ll try to explain how split tunneling works in the simplest way possible. Let’s dive right in.
What is Split Tunneling?
Usually, when you use a VPN, all of your network data goes through a secure VPN tunnel. None of it makes it out of the tunnel on the public Internet. Obviously, when you aren’t using a VPN, all of your network traffic will get routed to the LAN or WAN destination it’s meant to. In other words, your data is visible to websites and your ISP when not using a VPN. This is why it’s often said that VPNs boost your security and privacy on the Web.
With split tunneling, you can do both at the same time. You can be hooked into a private VPN network and you can access public network resources at the same time. You decide which data goes where.
Why Use Split Tunneling?
The truth is that VPNs have their drawbacks. When you use them as an all-or-nothing solution, you subject all of your data to those drawbacks. The main function of a VPN is to give you a secure and private channel through which to send information anonymously. However, not everything that we do on the Internet needs to be private and secure. In those cases, a VPN can be more of a nuisance.
One good example is when it comes to online banking. Your bank already provides a secure environment using SSL and they already know who you are. So accessing your bank website through a VPN is redundant. Not only that but if you are changing your location using the VPN, then it could trigger an alert. After all, if someone suddenly tries to log into your bank account from what appears to be another country, it seems like suspicious behavior.
A VPN may also perform significantly worse thanks to various overheads, compared to just your naked connection. That can hurt the experience of things like video streaming or online gaming. Still, there are ways to speed up slow VPNs, so be aware of these helpful tips and tricks. And finally, if you want to use a network-attached storage or a network printer on your LAN with a VPN on, you might find that it doesn’t work.
These are all use cases for split tunneling. If it sounds like you need to accomplish one of these goals, then it might be an option worth looking at.
How to Set Up Split Tunneling?
There are various ways in which split tunneling is achieved in the networking world. When it comes to commercial VPN services that offer split tunneling as an option, it’s almost always configured through the VPN client software.
That client can be the per-device software clients or sometimes a configuration done at the client level. How VPN providers decide to offer split tunneling is of course up to their discretion. They might let you choose specific applications or types of traffic for exclusion from the VPN tunnel. It may also be possible to exclude specific network devices from the VPN.
A good candidate for exclusion might be a streaming box or video game console. These devices usually need lots of bandwidth and low latency. So unless you want to make it look like your streaming box is in another country to unblock content, it makes sense to exclude it from the VPN tunnel. Even if you need geo-unblocking for such devices, it might make more sense to use an alternative technology such as Smart DNS to get the job done.
Device exclusion from the tunnel requires a router-level VPN. If you are using a Windows client or an Android app, then you can only control the flow of traffic from that device to the tunnel. Other machines on the same network won’t be affected if there is no VPN client between them and the Web. In other words, you need to set up a VPN on your router.
Advanced Split Tunneling Concepts
When looking at split tunneling, there are some more advanced concepts that could apply to your specific situation. While most people are likely to just use the simplified split tunneling service provided by a VPN company, you might want to take note of these extra options.
Inverse Split Tunneling
Inverse split tunneling is basically exactly what it says on the tin. It’s ‘inside-out’ split tunneling. Normally, the default is for everything to go through the VPN tunnel and then certain devices or applications to be marked for exclusion from it. With inverse split tunneling, the default is for data not to go through the tunnel unless you specifically indicate that it must.
Whether you should opt for an inverse split tunnel depends on your use case, but if you have a small, stable number of applications that need the tunnel, it’s much more convenient to use the inverted route.
IPv6 Dual Stack Networking
If you’ve read our article on what an IP address is, you might recall that the world is running out of traditional IP addresses. Thanks to every device now having some sort of Internet connection, it won’t be long until we can provide no more unique addresses. That’s only a limitation of the current IPv4 standard. IPv6 is set to replace it with enough address combinations to serve us for the foreseeable future. However, the transition hasn’t been all that smooth. Although most modern network hardware and software supports IPv6, in practice IPv4 still dominates.
So now there’s a problem since any growth of networks is going to happen using IPv6, but people still need their content served via IPv4. Both usually can’t operate on the same network at the same time. By using a special form of split tunneling, it’s possible to use both standards in parallel. This is pretty cool, although only of real interest to network admins. Still, we may soon see VPN providers using some form of dual stacking to increase their network size.
Where Can You Get Split Tunneling?
Despite how useful it can be, split tunneling is still a fairly rare feature, even when it comes to paid premium VPN services. ExpressVPN and PureVPN are two examples of VPN services that have some form of split tunneling on offer. This means that if split tunneling is a solution that sounds like the sort of thing you need, then you need to check the feature list of the VPN for the term.
Here at TechNadu, we are big fans of ExpressVPN. After testing dozens of different VPN providers, our editorial team has settled on using this one. It provides unparalleled performance, nicely designed UI, a bunch of native apps for different platforms, and some pretty advanced VPN techniques. As you can image, split tunneling is one of those. For more information, take a look at our review of ExpressVPN.
The Risks of Split Tunneling
The biggest risk of using split tunneling is that you mess up the settings and accidentally send traffic that should have been private straight to the public Internet. Obviously, such a mistake would be the product of a deliberate configuration setting. Features such as a kill switch won’t help since your VPN will think you want that data to be public.
This means that if you choose to use split tunneling, you need to be very careful. Verify that the right traffic is being excluded and included. That’s before you do anything sensitive with your connection.
Alternatives to Split Tunneling
If you can’t or won’t use split tunneling, then you need to find a different way to direct traffic. One option is an all-or-nothing approach, where you switch the VPN off when you need it to be gone. However, you’ll have to be much more careful in this situation. Don’t do anything ‘weird’ on the net while the VPN is off.
You can also disable router-level VPN and manage it on a per-device basis. That can however quickly use up your allotment of concurrently connected users.
Picking the Right VPN
To help you take all the factors into consideration, be sure to have a look at the TechNadu VPN Buyer’s guide. Here you’ll get advice on the general merits of VPNs including split tunneling. Also, if you have a hard time deciding, see which we thought were the best VPNs of this year so far.
We hope that now by know a bit about split tunneling. As you can see, this is a fairly simple concept that is easy to comprehend. However, make sure to pick a VPN that supports this kind of technology. Then, you can use that software to fine-tune your requirements.