Thanks for sharing.
That’s not really how I’d understand a split-tunnel, it’s more a direct to internet from the client, but maybe I’m getting old, but it looks a bit like a pitch solving for Nord’s Markitecture. Where do I put my Proxy, DLP, CASB, Isolation, Stegogronaphicly sapient attack vector content disarming munger and my prize expensive SASE encrypting wotsyoumacallit? Didn’t Nord have a breach recently?(there but by the grace of... but even so).
https://cybernews.com/what-is-vpn/split-tunneling/