With more services moving to the cloud, including private cloud data centers around the world, customers want to be able to provision a smart remote access solution that routes traffic based on application services instead of traditional routes to the appropriate data center. A traditional Virtual Private Network (VPN) tunnels all traffic. A split tunnel will allow access to certain network segments. The traditional split tunneling method is cumbersome and can result in very large split include/exclude VPN rules for a small set of services.