Split Tunneling

VPN

Definition

A VPN configuration that routes only selected traffic through the VPN tunnel, while other traffic can access the internet directly. Reduces VPN bandwidth usage but can expose part of the traffic to the local network.

How Split Tunneling Works

Split tunneling is a VPN feature that lets you route only specific traffic through the encrypted VPN tunnel while the rest of your internet traffic travels directly through your regular connection. For example, you might route corporate intranet traffic through the VPN while streaming video or accessing local printers over your normal network connection.

Include vs. Exclude Modes

Most VPN clients implement split tunneling in two ways. Include-only mode (sometimes called inverse split tunneling) routes only specified destinations through the tunnel; everything else goes direct. Exclude mode routes all traffic through the tunnel except a specified list of destinations. Businesses commonly use include-only mode so that employee laptops access internal resources via VPN without saturating the VPN server with Netflix traffic.
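The two modes can be checked against a list of networks that must stay inside the tunnel. The following is an added example, not code from the original page or from any VPN client; it assumes a policy expressed as destination CIDR prefixes, and the function names and sample ranges are constructed for illustration.

```python
import ipaddress

def via_tunnel(dest, mode, prefixes):
    """True if traffic to dest (an IP string) is routed through the VPN."""
    addr = ipaddress.ip_address(dest)
    listed = any(addr in ipaddress.ip_network(p) for p in prefixes)
    if mode == "include":      # only listed destinations use the tunnel
        return listed
    if mode == "exclude":      # everything except listed destinations does
        return not listed
    raise ValueError(f"unknown mode: {mode}")

def exposed_ranges(protected, mode, prefixes):
    """Parts of the protected networks that would bypass the tunnel."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    exposed = []
    for prot in map(ipaddress.ip_network, protected):
        same = [n for n in nets if n.version == prot.version]
        if mode == "exclude":
            for n in same:
                if prot.subnet_of(n):        # whole protected net is excluded
                    exposed.append(prot)
                elif n.subnet_of(prot):      # a slice of it is excluded
                    exposed.append(n)
        elif mode == "include":
            remaining = [prot]               # not yet covered by any include
            for n in same:
                nxt = []
                for r in remaining:
                    if r.subnet_of(n):
                        continue             # fully covered, nothing left
                    if n.subnet_of(r):
                        nxt.extend(r.address_exclude(n))
                    else:
                        nxt.append(r)        # disjoint, still uncovered
                remaining = nxt
            exposed.extend(remaining)
        else:
            raise ValueError(f"unknown mode: {mode}")
    out = []
    for v in (4, 6):                         # collapse each IP version separately
        out += ipaddress.collapse_addresses(n for n in exposed if n.version == v)
    return [str(n) for n in out]

# Constructed sample policy: one corporate range that must use the tunnel.
CORP = ["10.20.0.0/16"]
print(exposed_ranges(CORP, "include", ["10.20.0.0/17"]))
print(exposed_ranges(CORP, "exclude", ["10.20.30.0/24", "203.0.113.0/24"]))
```

An empty result means every protected range is fully tunneled under that policy; any returned prefix is traffic that would take the direct path.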

Security Trade-offs

Split tunneling increases efficiency and reduces latency for non-sensitive traffic, but it introduces risk. Traffic not routed through the VPN can be observed by your ISP and is not protected by corporate security controls. A malicious website accessed through the direct path could potentially reach corporate resources through the local machine. Organizations that follow Zero Trust principles often disable split tunneling entirely, requiring all traffic to pass through inspection proxies regardless of destination. Use WebRTC Leak Test to confirm that your real public IP address is not leaking through browser APIs even when split tunneling is active.
