WARP Client Profiles - Split Tunnels

I have a small Zero Trust network set up with a tunnel to my home lab that’s working pretty well. I’ve entered my private RFC 1918 CIDR network in the Private Network tab of the tunnel settings. When it comes to WARP profiles for connecting client devices, I’m not clear when I should include or exclude my private 1918 network in the “Split Tunnels” settings. Here are my current WARP device profiles and their corresponding Split Tunnel settings for review:

  • I have a “Mobile” profile (Picks up Android OS) that excludes my private 1918 IP range from the exclusion list so my mobile devices can route to my home lab when away…

  • I have a “Local” profile (Picks up Windows OS) that includes my private 1918 IP range on the exclusion list so my local desktop computers route local traffic on their own, and not use WARP for routing.

Is my understanding correct here? What are the best practices for split tunnel settings on client devices? When should private RFC 1918 CIDR ranges be used or not used? Thank you…