Split Tunnel Profile

A Split Tunnel Profile can be created to manage corporate and local traffic by sending only corporate traffic to the controller. A split tunnel ensures that local traffic does not incur the overhead of the round trip to the controller, which decreases traffic on the WAN link and minimizes latency for local application traffic. Using a split tunnel, a remote user is associated with a single SSID (rather than multiple SSIDs) to access corporate resources, such as a mail server and local resources (for example, a local printer).

Split Tunnel Profile Limitations

Before enabling the Split Tunnel Profile, consider the following limitations:

  • Split Tunnel Profile does not support a zone where mesh-enabled APs are present.
  • Split Tunnel Profile and Express Wi-Fi are not supported together on the same WLAN.
  • For both features to work properly, the configured IP rules for a split tunnel and a walled garden must be different.
  • Split Tunnel Profile does not support DHCP/NAT.
  • Split Tunnel Profile does not support wired clients.
  • The limitations applicable to DHCP/NAT also apply to Split Tunnel Profile.
Parent topic: Working with Tunnels and Ports