How We Made the Best Split Tunneling for Our VPN

Posted on Oct 25, 2022 by Kristin Hassel

Imagine being able to stream your local Netflix library while rerouting the rest of your traffic through a server halfway across the world. Most VPNs force you to route everything through the network, making it impossible to access anything using your local IP address. But not Private Internet Access. Take a look and see your dream in action: unique split tunneling options for Linux, Windows, and even for our browser extensions.

And the VPNs that are able to maintain simultaneous connections can’t match PIA’s advanced split tunneling options. Let me show you how split tunneling with Private Internet Access takes your online security and privacy to another level.

What is Split Tunneling & How Does it Work?

Split tunneling is used to route certain traffic through a secure VPN tunnel while sending other traffic through your regular network. By default, a good VPN is supposed to route all your traffic through the VPN, even when split tunneling is available. Usually, it’s disabled by default, so you need to turn it on. 

Essentially, split tunneling divides your traffic into the following categories:

  1. Encrypted: The VPN encrypts your traffic and re-routes it through its secure servers for increased privacy and security. This may slow your speeds a bit, but it provides safer access to apps and websites.
  2. Regular: The VPN doesn’t encrypt your traffic, so you must rely on the security measures put in place on apps, websites, and through your ISP. You will get faster access to local sites and services, but it’s less secure than using a VPN. 

You should only run trusted apps, sites, and services outside your VPN. 

The Benefits of Split Tunneling

Get more options with PIA’s split-tunneling feature.

With split tunneling, you can continue to use apps that don’t work with VPNs and those that do at the same time. This is because you can run apps that aren’t VPN-friendly outside the VPN, and filter compatible ones through it.

Split tunneling helps you retain fast speeds for streaming, and it gives you secure access to international content. Basically, you can protect yourself while downloading YouTube videos from anywhere in the world and watch Netflix at the same time without sacrificing your speeds.

Speaking of speeds, PIA lets you exclude certain apps from the VPN tunnel while forcing everything else to use the encrypted connection. This is really useful for online gaming, where latency and fast internet are crucial, and for banking apps, which don’t always play nice with VPNs. 

A good split tunneling feature makes life a lot easier for anyone who relies on VPNs for increased online protection.

Standard and Inverse Split Tunneling

We leave our split tunneling feature off by default to give you control over whether you want to customize your VPN protection. All you need to do is activate the feature in your VPN Settings. Don’t worry, it’s easy to turn on. Just toggle the switch in the Split Tunneling section. 

What you may not know is that, unlike many VPNs, PIA offers both standard and inverse split tunneling:

  • Standard split tunneling sends all online traffic through the VPN, except apps/sites and IPs you specify to run outside the secure channel. You can activate this by choosing Use VPN on the All Other Apps dropdown menu in the Split Tunneling settings for PIA. 
  • Inverse split tunneling runs all traffic outside the VPN unless you specify certain apps to use the VPN. This feature is also located under the Split Tunneling setting for PIA, only you need to select Bypass VPN on the All Other Apps menu. Test it out for yourself risk-free, with our 30-day money-back guarantee.

The most common forms of split tunneling offered by VPNs are app-based and IP-based split tunneling. PIA offers both of these options — and more, but we’ll get into that a bit later. First, let’s tackle the basics.

    ✅ App-Based Split Tunneling

PIA makes it easy to select the app you want to run in/outside the VPN tunnel. When you click Add Application in our app’s split tunneling settings, you’ll see a list of all available applications. Scroll down the list and select your app. Once it’s added to your list, you can choose whether or not the app runs in or outside the VPN. 

Adding applications to split tunneling is easy with PIA.

One thing that sets PIA apart from the rest is that our split tunneling supports Windows Store Apps. Other VPNs don’t support split tunneling with these apps as they use an Application Package File (.appx) format created by Windows for their app-based OSs (Windows 8, 10, and 11), instead of the standard Executable File (.exe) format. 

A few VPNs have workarounds for Windows Store apps, but they’re time-consuming. PIA’s split tunneling feature works with Windows Store Apps as is — you don’t need to do anything special.

    ✅ IP-Based Split Tunneling

PIA allows you to choose specific IP addresses to include in split tunneling. The option to Add IP Addresses is to the right hand side of Add Applications in the split tunneling settings. You can manually add an IP address to run outside the VPN, which is a useful feature if you need to access work networks suspicious of VPN use. 

You can bypass entire IP addresses and subnets with PIA’s split-tunneling.

The best part is that you get way more options than a simple IP address. You can add entire subnets and even specific IPv6 addresses to bypass the VPN. In addition to a host of amazing VPN features, we’re the only VPN provider who offers this many IP-based split tunneling options.

Advanced Split Tunneling — Full List of Features

Sure, we offer split tunneling for Linux, Windows, and versions of macOS prior to Monterey, but did you know you can use standard split tunneling on our Android VPN app as well? 

PIA also supports website whitelisting on our browser extensions. 

We didn’t stop there – we pushed past our limits to provide even more advanced features you won’t find anywhere else.

    ✅ Inverse Split Tunneling

Inverse split tunneling is an advanced feature most VPNs don’t have, so let’s take a deeper look. 

With both standard app-based and IP-based split tunneling everything travels over your regular open network. You have complete control over which apps to route through the VPN. 

With inverse split tunneling, you also have another option. You can choose to send everything over our secure network, aside from the apps and IPs you want to run outside the VPN

You can access local printers and other trusted network devices without individually selecting all the apps you want to run through the VPN. This is extremely useful if you only need one or two apps or IPs to run outside the VPN

Using inverse split tunneling can save you considerable time, and you don’t have to worry you missed covering an app in the extensive selection process.

    ✅ App-Based Kill Switch

Setting the rules for any given app to Only VPN activates PIA’s app-based Kill Switch, which prevents anything from leaking outside the secure channel — even if your connection to our servers drops. It’s a simple and effective way to increase your online anonymity and prevent data leaks.

    ✅ Routed Packet Splitting for Linux

Linux is often overlooked by VPNs when providing dedicated VPN apps, let alone stable split tunneling features. Fortunately, PIA gives you both. We provide feature parity for Linux and even offer a unique split tunneling feature for the operating system.

With PIA, you can decide whether all docker or virtual machine packets bypass the VPN or run through it. Each container is isolated, so you can individually manage dockers. Considering most VPNs don’t provide split tunneling or a proper UI for Linux, this is an advanced feature you won’t find anywhere else for some time.

    ✅ Split Tunnel DNS

The default for the Name Servers setting for split tunneling on PIA is Follow App Rules. It ensures DNS server settings change on a per-app basis to redirect DNS requests to the correct servers. It’s as if there isn’t a VPN at all. PIA takes this further, allowing you to run all DNS requests through our VPN.

When you change Name Servers to VPN DNS Only, your DNS requests always go through our DNS servers. This feature is available for Windows and Linux and is exclusive to PIA

Customize Your Protection with Private Internet Access

PIA allows you to customize your online security with options beyond standard split tunneling. Our advanced split tunneling lets you add Windows Store apps, choose which apps you want to run outside and inside the VPN, and it’s fully compatible with Linux.

Ready to see how PIA VPN provides the best of both worlds? You can try PIA’s split tunneling risk-free.