how-to block ads
Split tunneling is commonly configured on the connecting client to receive pushed secure route's or set statically. In this situation, only specific traffic matching a "secure" destination address is forwarded out the virtual tunnel interface. All other traffic is routed normally and un-secured through the configured default gateway. These specific routes are configured on the VPN server and can normally be seen injected into the client's route table while connected to the VPN.
The advantages of split-tunneling is that it allows the connected client connectivity to both secure networks AND normal un-secured traffic while connected. The disadvantage is that the client is putting the remote connected network at risk because they are bypassing secure gateways that might normally be found on the remote network's infrastructure, making it accessible through the non-secured public network.
Feedback received on this FAQ entry: