Split Tunnel App Examples

Split tunneling allows you to exclude specific applications or IP addresses from the VPN tunnel. When you exclude an app, it uses the IP address provided by your internet service provider, and your traffic is not encrypted.

Note: Private Internet Access (PIA) provides split tunneling for all desktop platforms, including Windows, macOS, and Linux.

Windows Configuration

Follow these steps to enable split tunneling on Windows. Ensure you are not connected to a VPN server before starting.

  1. Open the PIA app.

  2. Click the three-vertical-dot icon in the upper-right corner.

  3. Select Settings > Split Tunnel.

  4. Select the Split Tunnel checkbox to enable the feature.

  5. Click Add Application or Add IP Address to choose the software or enter the IP address you wish to exclude.

Common Windows Examples

  • Microsoft Store apps: Some apps, such as Netflix or Hulu, may appear as "Windows Web Applications" rather than their respective icons on the exclusion list

1654877609656.png

  • Steam: If you wish to exclude the Steam application from the VPN, you will also need to exclude the steamwebhelper.exe file as well. To do so, please follow these steps:
  1. Click on Add Application.
    1708675702663.png
  2. Click the Browse button next to the search bar.
  3. Next select Windows (C:) > Program Files (x86) > Steam > bin > cef > cef.win7 > steamwebhelper.exe.
    1708675702624.png
  4. Once selected, click the Add button.
  • Specific Games: You may wish to exclude specific games from the VPN tunnel. For this, you will need to add a specific .exe file to the list. Here’s how you can locate the specific .exe file. 
  1. Click Add Application
  2. Click the Browse button next to the search bar.
  3. Next select Windows (C:) > Program Files (x86) > Steam > steamapps > common.
  4. You will then see a list of your installed Steam games.
  5. Select the file for the desired game.
  6. Click the .exe file for the game in the installation folder and click the Add button. 
1708675831050.png

1708675830988.png

This will add the game to the exclusion list. If your games are not installed on your (C:) drive and you do not know how to find the file destination, you can check Steam Library > Properties > Local Files, and select Browse the Local Files. This will display the destination path.

Example:

1708675830793.png

macOS

Follow these steps to enable split tunneling on macOS. Make sure you are not connected to a VPN server.

  1. Open the PIA app.
  2. Click on the three-dot menu in the upper right corner.
  3. Click Settings.
  4. Click Split Tunnel.
  5. Click the checkbox labeled Split Tunnel to enable the feature.
support-image.png
  1. On the pop-up titled System Extension Blocked, click Open System Settings.
  2. Under System Settings, select Privacy & Security. 
  3. Scroll down to the notification under Security and click Allow.
  4. Enter your macOS password to confirm the settings.
  5. Go back to the PIA app.
  6. Click on Add Application or Add IP Address to choose the app or to enter the IP address you wish to exclude from the VPN tunnel. Afterwards, confirm your choice.

Note: Make sure Use VPN is selected next to All Other Apps. This will ensure that the apps you want to redirect through the VPN tunnel will have traffic encrypted. 

  1. Connect to a VPN server.
  2. Click Allow at the second pop-up where PIA Split Tunnel asks to add proxy configurations. 

If you wish to exclude multiple apps such as the App Store, Safari, the Mail app, and others, simply exclude the WebKit applications option within the Add Application menu.

1708675931397.png

Linux

Follow these steps to enable split tunneling on Linux. Make sure you are not connected to a VPN server.

  1. Open the PIA app.
  2. Click on the three-dot menu in the upper right corner.
  3. Click Settings.
  4. Click Split Tunnel.
  5. Click the checkbox labeled Split Tunnel to enable the feature.
  6. Click on Add Application or Add IP Address to choose the app or to enter the IP address you wish to exclude from the VPN tunnel.

Note: Due to the complex nature of Linux .desktop files, this guide cannot showcase universal step-by-step instructions on how to find the executables you wish to exclude. Finding the proper executable can be challenging. For example, for Firefox, the proper executable is /usr/lib/firefox/firefox, not the one in /usr/bin.

Here are a few ways you can find the correct file:

  1. readlink /proc/$(pgrep <executable> | head -1)/exe

Ex: readlink /proc/$(pgrep firefox | head -1)/exe

  1. Look for a process in your task manager. Some task managers may provide the executable path. Or readlink /proc/<PID>/exe.

1708676058854.png

Here is a list of common apps and their executable locations on Ubuntu. These may vary among distributions or versions, but they may provide a good starting point.

  • Chrome: /opt/google/chrome/chrome
  • Firefox: /usr/lib/firefox/firefox
  • Opera: /usr/lib/opera/opera
  • Chromium: /usr/lib/chromium/chromium
  • Brave: /usr/lib/brave/brave
  • Thunderbird: /usr/lib/thunderbird/thunderbird
  • Steam: ~/.local/share/Steam/ubuntu12_32/Steam
  • Steamwebhelper: ~/.local/share/Steam/ubuntu12_64/steamwebhelper
  • Hexchat: /usr/bin/hexchat
  • Discord: /opt/discord/Discord
  • Flatpak: /usr/libexec/flatpak-bwrap

Note: Excluding flatpak-bwrap excludes all Flatpak apps, as they cannot be selected individually. This is inherent to the Flatpak packaging system. AppImage apps can be excluded by selecting the AppImage file.

Related articles