Pia List Of Servers

Private Internet Access Netflix Servers. Below is the list of the best PIA servers for Netflix in all countries with popular libraries. Please note that even if a location is specified, there are potentially hundreds of servers there and not all may work. Several reconnections could be needed to find one that does. Some users claimed that some PIA servers can still be used to access Netflix. The reports said that few servers that are located in USA can work with Netflix. Yet rarely all of them capable to unblock streaming access. However they still exist. Below are the lists of PIA servers that known to work with Netflix. The list will be showed down below. 34,494 VPN and Proxy servers in 101 locations across 78 countries. All servers supports WireGuard®. PIA only uses bare-metal servers for our VPN network for enhanced security and performance. Some users claimed that some PIA servers can still be used to access Netflix. The reports said that few servers that are located in USA can work with Netflix. Yet rarely all of them capable to unblock streaming access. However they still exist. Below are the lists of PIA servers that known to work with Netflix. The list will be showed down below. Sep 11, 2020 PIA NextGen VPN servers also use the latest packages in kernel and userspace on an encrypted operating system. Within the encrypted OS, all VPN services and other meta-services that are system.

  1. Pia List Of Servers 2020
  2. Pia List Of Servers In Mobile

If you need encryption, please use the Private Internet Application or OpenVPN protocol with our service.

  • OpenVPN Configuration Files (Recommended Default)
    OpenVPN Configuration Files (Recommended Default windows only plus block-outside-dns)
    OpenVPN Configuration Files (Strong)

  • Legacy

    Although quite different from a VPN, we provide a SOCKS5 Proxy with all accounts in the event users require this feature.
    SOCKS5 Proxy Usage Guides
    proxy-nl.privateinternetaccess.com port 1080
    Enable port forwarding in the application by entering the Advanced area, enabling port forwarding and selecting one of the following gateways:
    After enabling port forwarding and re-connecting to one of the above gateways, please hover your mouse over the System Tray or Menu Bar icon to reveal the tooltip which will display the port number. You can then enter this port into your software.
    Port Forwarding reduces privacy. For maximum privacy, please keep port forwarding disabled.
    IPv6 leak protection disables IPv6 traffic while on the VPN. This ensures that no IPv6 traffic leaks out over your normal internet connection when you are connected to the VPN. This includes 6to4 and Teredo tunneled IPv6 traffic.
    The dns leak protection feature activates VPN dns leak protection. This ensures that DNS requests are routed through the VPN. This enables the greatest level of privacy and security but may cause connectivity issues in non-standard network configurations.
    This can be enabled and disabled in the Windows application, while it is enabled by default on our macOS application.
    We use our own private DNS servers for your DNS queries while on the VPN. After connecting we set your operating system's DNS servers to and When using a DNS Leak testing site you should expect to see your DNS requests originate from the IP of the VPN gateway you are connected to.
    If you change your DNS servers manually or if for some other reason they are changed this does not necessarily mean your DNS is leaking. Even if you use different DNS servers the queries will still be routed through the VPN connection and will be anonymous.
    The internet kill switch activates VPN disconnect protection. If you disconnect from the VPN, your internet access will stop working. It will reactivate normal internet access when you deactivate the kill switch mode or exit the application.
    Users who may be connected to two connections simultaneously (ex.: wired and wireless) should not use this feature, as it will only stop 1 active connection type.


See updated guide here - https://blog.networkprofile.org/private-internet-access-vpn-on-pfsense/


Here is how I have Private Internet Access (PIA) setup on both of my pfSense firewalls. This setup has worked perfectly for me and does not interfere with any other gateways.

This guide will walk you through setting up the connection to PIA, creating an interface for PIA so you can route traffic selectively over the PIA VPN, Installing and configuring the service watchdog, and going over some firewall rules. I will try to go into as much detail as possible

Server Choice

First, choose what server you want to connect to. I have found that the Dallas and Florida servers work best for me, but that might not be the best choice for you.

PIA has a full list of servers available here: https://www.privateinternetaccess.com/pages/network/

Since the Dallas server is geographically close to me, I will be using that one. The address is: us-texas.privateinternetaccess.com


PIA offers three different certificates

  • 'Weak' security on port 1194 - https://www.privateinternetaccess.com/openvpn/ca.crt
  • 'Medium' security on port 1198 - https://www.privateinternetaccess.com/openvpn/ca.rsa.2048.crt
  • 'Strong' security on port 1197 - https://www.privateinternetaccess.com/openvpn/ca.rsa.4096.crt

You will probably get the best performance on port 1194 with weak security, so that is what I will be using. It's still plenty secure for my needs of just downloading linux ISO's

Go ahead and download the crt file for whichever security level you want, and then open the file with a text editor such as Notepad++

Select all of the contents, and copy to your clipboard

Pia list of servers 2020

Now log into your pfSense WebUI and navigate to System > Cert Manager and click on the '+ ADD' Button

Now change the method to 'Import an existing certificate authority' and paste the copied text into the box. It should look like below

Click Save.

You should now see the certificate listed

Now we have the certificate listed, navigate to VPN > OpenVPN, then click Clients and finally click ADD

Now we will go through the configuration. I will go section by section, but it's just one long page. I will highlight changes you need to make in yellow, but also verify the rest of the config looks the same, we can't be sure the default configuration won't change in the future

General Information

Now you will want to fill in the server address you found before, I will be using us-texas.privateinternetaccess.com

Then the port. This depends on which security level you picked at the beginning of the guide, I am using Weak security on port 1194

Then, give it a description. See my screenshot for reference. I have highlighted everything you need to change, but make sure the rest is the same too

User Authentication Settings

This one is pretty self explanatory, enter your PIA username and password, and don't check the box to not retry on fail

Note (1/2/19):It has been suggested that PIA sometimes has an issue with authentication retry, and that you would be better served CHECKING the box so that pfSense doesn't try and re-auth. Personally I have never had any issues with authentication, but keep this in mind

Cryptographic Settings

For this section, uncheck the TLS key box, Select your PIA-CA you created earlier and uncheck NCP

I have had nothing but issues with NCP, if you want to play around with it later you can always come back and enable it, but for this guide we are turning it off. Most of these options can be tweaked, so once you get it working come back and decide what you want to use. PIA has a list of supported algorithms

Select SHA1 as the auth digest algorithm

Tunnel Settings

Change Compression to Adaptive LZO, change topology to net30 and check the 'Don't pull routes' box

If you don't check this box, all traffic will go over the VPN by default, which is probably not what you want. If that IS what you want, then leave it unchecked.

Advanced Configuration

In the custom options box, enter

and set the gateway creation to IPv4 only (Since PIA doesn't support IPv6 at the time of writing)

Finally, click save.

Interface Assignment

Now go to Interfaces > Assignments

On the dropdown for 'Available Network Ports' you should see your PIA VPN listed. Mine is called ovpnc1 (Private Internet Access).Mine isn't listed because I already have it bound to an interface

Select yours, and click add

Now that the interface has been added, click on the interface name, here I am clicking on OPT5, but yours will be different. It should be at the bottom of the list

Now you can check the box to enable the interface, and give it a better name, I called mine PIA_VPN.

Also make sure the reserved network checkboxes are unchecked.

Click save

Outbound NAT

Now navigate to Firewall > NAT and click out Outbound

Click the radio button to change the outbound NAT mode to Hybrid, and click Save

Now we need to create some outbound NAT rules. You only need to create the NAT rules for networks you want to reach the VPN. So you will need localhost, and then probably just your LAN network. I have added some other networks so they can access the VPN too.

I have highlighted the ones you need to make. Just make your screen look like mine!

First, the localhost to PIA rules. You can copy mine 100% for these as long as your interface is correct

The first Localhost to PIA rule

The ISAKMP Localhost to PIA rule

Moving on to the LAN rules. You need to change my entry to whatever your network is!

The first LAN to PIA rule

The ISAKMP LAN to PIA rule

Done? Make sure it looks like mine does. If it looks off, go back and verify. If you need to re-order the rules, just drag them and click save in the bottom right

Next, we want to change

Gateway Monitoring

By default the PIA gateway will show as down, as it can't monitor the upstream gateway. Here we can fix that as well as change a setting which could cause traffic to leak out over the regular WAN

Go to System > Routing and click on Gateways

Now click the pencil button to edit the gateway for PIA

Now enter a monitor IP for the interface to monitor. I chose to enter

This will not give you a very accurate latency reading for your interface, but it will verify the connection is working, and if there is a connection issue like high packet loss

Click save

Now your gateway should show as connected and online

Next, go to System >Advanced > Miscellaneous and scroll down to Gateway Monitoring. Check the box to not create rules when gateway is down

Service Watchdog

Now we will install and configure the service watchdog package. This will restart the OpenVPN service and reconnect PIA if it disconnects/crashes for some reason

Click on System > Package Manager

And then click on available packages, search for 'watch' to find Service_Watchdog. Finally Click Install and then confirm the install

Now go to Services > Service Watchdog and click on Add new service

From here, select your PIA service

And click add

Now its configured, and will restart the service if needed

Firewall Rules

First we will create an alias to use in the firewall rule. This will let you add and remove IP's at will without having to modify the rule and add more rules for more devices.

First, lets go to Firewall > Aliases and click on IP and then click add

Now go ahead and add the IP's for the devices you want to use the VPN only, and give them a description if you want. Click save.

Now head over to Firewall > Rules and click on LAN

Here you can see the two rules which control where the traffic goes

These rules need to be ABOVE the default Lan to Any rule, and the deny rule needs to be BELOW the rule which specifies the gateway.

The reason we have the deny rule is so that if the VPN disconnects, traffic doesn't start going over the default gateway.

Let's get into the first rule which pushes traffic across the VPN gateway. Make sure to specify the source as the alias we created. Then click on Advanced, and specify the PIA_VPN gateway, click save and apply the rule

Then, lets create the deny rule. Make sure the action is Block and you specify the alias again. We do not need to specify the gateway here as we are blocking on the default gateway

Click save, and apply the rule. Make sure they are in the correct order!

Now we have done that, you should be done. Everything on those IP's in the alias will go over the VPN. If the VPN disconnects, no internet traffic will pass and as long as the IP doesn't change, traffic CAN NOT go over the normal gateway

Important DNS Note

If you are not using DNS over TLS to a trusted, privacy oriented DNS Resolver like CloudFlare's, then you will leak your IP over DNS and this could be a problem

To get around this, you should hard code PIA's DNS servers on the system you are putting over the VPN. The DNS servers are and

Pia List Of Servers 2020

Be sure to check if your DNS requests are leaking your normal public IP: https://www.dnsleaktest.com/

Setting these DNS server will probably affect local DNS resolution, so you should really just use DNS over TLS...

Pia List Of Servers In Mobile

You could create some NAT rules to intercept DNS requests and force them elsewhere, but it's more work than just using DNS over TLS, which you REALLY should be doing anyway...

Thats it!