Split Tunneling
  • 18 Feb 2021
  • 1 Minute To Read
  • Contributors
  • Print
  • Dark
    Light

Split Tunneling

  • Print
  • Dark
    Light

This article describes how to incorporate split tunneling into your network. If you would like to select specific network subnets to go through from the client to the Perimeter 81 network, instead of full tunnel mode (where all the traffic is encrypted and proxied through the Perimeter 81 network), you will need to manually specify which subnets you’d like to include through the tunnel.

The default configuration is automatic (full tunnel)
360006609179splittunneling.png


Split tunneling: automatic configuration

360006609219splitdialog-auto.png


Split tunneling: manual configuration

360006593320splitdialog-manual.png

Important
Some Operating Systems have limitations to the amount of Split Tunneling they allow on a VPN client connection,
  • IKEv2 - The integration with Windows limits the allows up to 25 different Subnets in Split Tunneling, Mac limit is 254.
  • OpenVPN, Wireguard - As many subnets as allowed on the local Routing Table (Usually less than 4,000 addresses)
If you have defined more than 25 different subnets, make sure that any end-users connected using the agent are operating on either OpenVPN protocol or WireGuard protocol.
In any case, it is not recommended to insert more than 254 different subnets.

After defining the split tunneling subnets, this information will be available on the Networks page.