Skip to main content

Understanding Advanced Settings on the Desktop PIA Client - Knowledgebase / Technical / Application Settings and Features / Application & Features - PIA Support Portal

Understanding Advanced Settings on the Desktop PIA Client

Authors list

Now that you have the VPN configured, you may be interested in the other features available in the application.


The most commonly adjusted setting for most users is the region they are connecting to, this may also be referred to as the server. To access a complete list of the region selections available to you, click on the VPN SERVER widget, shown circled in the image below. We will go over customizing widgets later.

Clicking on the VPN SERVER selection shown above will present you with a full list of servers, such as that shown below. You can minimize or expand countries with the arrow next to a countries name. The latency shown next to each region is an indicator of the efficiency of the pathway between your device and the server. By default, the application is set to ‘Choose automatically’ which is the option visible at the top of the server list; this option will connect to the server with the lowest latency. The heart next to each server can be used to indicate the region as a favorite. This will add the option to the QUICK CONNECT menu, which we will go over a little later. Clicking on the left-pointing arrow at the top left of this interface will return you to the settings interface.


The IP widget will display your actual IP, and when connected, will also display the IP you are being masked with. Additionally, if you are using Port Forwarding, the forwarded port will be shown here.


Returning to the DEFAULT DISPLAY, there is an arrow at the bottom which will open the EXPANDED DISPLAY. This is what you will use to customize the DEFAULT DISPLAY as well as change advanced settings.

Clicking on this will display the EXPANDED DISPLAY which will look similar to the image shown below. We will systematically go over everything shown, starting with how to customize the DEFAULT DISPLAY. There is a switch which can be toggled in the top right of each widget, below the VPN SERVER and IP widgets are marked as favored, while QUICK CONNECT, PERFORMANCE, USAGE, SETTINGS, and ACCOUNT are not. If a widget is marked as favored, it will also be shown in the DEFAULT DISPLAY.


The PERFORMANCE widget will show your traffic weight history. Every five seconds the display will update, showing how much was downloaded over the past five seconds. The numeric display at the bottom of the widget shows live download and upload traffic, as well as the duration of the connection. Please be aware, this is the traffic that has and is occurring, not a speed test.


The USAGE widget shows the total amount you have downloaded and uploaded since establishing the connection.


The Account widget will display the status of the subscription logged into the app.


In this section of the guide, we will go over each of the options available in the SETTINGS widget. This will cover all the extra features available in the new  PIA Client application.

Desktop Notifications

In the image below, the Desktop Notifications option is turned on. Desktop Notifications will provide pop-up text boxes in the corner of your screen to notify you of any changes to your connectivity, such as an unexpected disconnection.


In the image below the MACE feature is turned on. MACE is a DNS-based ad blocker that blocks known advertising and malware domains. As it operates at the DNS level, it can only block entire domains and as such won't block ads that are served from the same domain as legitimate websites. Inversely, it can also in some situations end up blocking an entire website because it tried blocking an ad. A famous case of this is which is used by the sponsored links in Google searches. As a result, some users complain about not being able to access Google results. 

Port Forwarding

In the image below, the Port Forwarding feature is enabled. The Port Forwarding option can be used to potentially optimize torrent performance. To use this feature, you must utilize a server which can utilize the feature. In the image below, in the IP widget, there is an indication under the VPN IP, this means that port forwarding is not available on this server. The next image will show how to identify servers that can use port forwarding. 

With the Port Forwarding feature turned on, expanding the VPN SERVER widget again will show a minor change. When Port Forwarding is enabled, servers that can be utilized for the feature will show in a brighter white text, while those that can not port-forward will be grayed out and have an icon next to them indicating port forwarding is not available from that region.

With Port Forwarding enabled, and a server that supports the feature selected, the application will display the forwarded port that has been assigned to your connection. You can then input this information into your torrent client, or any other implementation.

Allow LAN

In the following image Allow LAN is turned on. If your network is properly configured to facilitate LAN communication, turning on the Allow LAN feature will allow you to do so with the VPN connected.

*If your network is not configured to allow this, general networking support falls outside the scope of PIA technical support, but you may want to consult the PIA subreddit:

Debug Logging

In the image below the Debug Logging feature is turned on. This feature is important if you find that you are experiencing problems. This will allow the application to collect connectivity and functionality logs. In the event you need to contact customer support, this can be helpful for the support team and they may request you provide them with the Client logs. Rest assured, these logs are not traffic logs, PIA does not monitor, restrict, or block web traffic, not on our servers and not on your system; the logs this feature generate are exclusively for troubleshooting purposes and contain no identity or security compromising use information.

Light Theme

The image below is a demonstration of the Light Theme feature. As you can see, this largely inverts the color scheme of the PIA Client. This feature is purely cosmetic.

More Settings...

In the following image More Settings… has been highlighted in the SETTINGS widget, additionally, the top-right menu has been expanded to show another way to access the same thing. This option opens the most extensive menu of the client, containing all the settings available in the EXPANDED DISPLAY as well as a few more advanced settings.



The first section of the settings interface is General. Language will specify what language the application interface displays. Show Desktop Notifications was already explained in the section above. Theme allows for selection of Dark or Light, demonstrated in the explanation of the Light Theme option above. The option Launch on System Startup will cause the PIA Client to start up as your operating system is loading. The Connect on Launch option will cause the client to connect as soon as the application launches.


The next section is Account. This contains details about the subscription of the account you are logged in on in the application.


The following section is Privacy. This allows access to the VPN Killswitch feature, which will prevent web traffic outside the VPN tunnel. You can also turn MACE on or off, which is a DNS level ad-blocker and can be easily accessed from the SETTINGS widget.


The next section is the Network. The PIA Client will auto-connect you to PIA's DNS Servers it will also allow you to choose to use your device's existing DNS  or to set up a custom DNS server. Also within this section, you will also find another area to toggle the Port Forwarding and Allow LAN Traffic features, also available in the SETTINGS widget.


The second to last section is Connection. This section contains specific settings that can be utilized by advanced users or to troubleshoot connectivity or speed issues.

Connection Type: This setting will allow you to specify the use of UDP or TCP. In general, UDP will usually provide the best performance for most users, but TCP may be necessary for certain networks.
Data Encryption: There are four available options, GCM and CBC for both AES-128 and AES-256 encryption. PIA exclusively uses encryption that has not been cracked and is known to be secure. All of these options will provide you security, but the higher levels of encryption will have a greater impact on performance.

Remote Port: This setting allows the specification of the specific port to be used in association with the connection type. For security reasons, the PIA VPN service only allows traffic on certain ports. Some users may need to specify a certain port for performance issues related to restrictions on the network they are connecting from.

Data Authentication:  Upon changing the Data Encryption setting, the available options within Data Authentication will change. The GCM Data Encryption settings must utilize GCM Data Authentication. The use of CBC Data Encryption will allow the selection of SHA1, SHA256, or None for Data Authentication.

Local Port: By default, the application will randomly select the local port used; the vast majority of users will never need to modify this setting. Advanced users operating with highly restrictive firewalls may utilize this setting to specify a port that will work with their configuration.

Handshake: This setting determines the protocol used for security confirmation upon establishing the connection, and for the vast majority of users will not require any changes.

Use Small Packets: This setting will cause the connection to modify the MTU setting of the connection, effectively changing the packet size of the traffic occurring over the connection — this can be used to resolve packet loss issues.

*Torrenting software may compress data, which can cause packet loss. If experiencing issues turning this on may resolve them.


The final section is Help. In addition to being another location to toggle the Debug Logging feature, you can also find a shortcut to the Support Portal, and see the version of the application you are using. If you receive a message that your TAP adapter is having issues, this is the virtual networking adapter used to mediate the VPN connection. First, restart the computer to try to fix this; if the VPN still does not work after a full system restart, the Reinstall Network Adapter option should be used. If for whatever reason you need to remove the PIA Client from your device, the option Uninstall Private Internet Access can be used. If you have contacted customer support and they need a debug log, you can use the Submit Debug Logs option to generate a Reference ID and send the logs to customer support.

Submit Debug Logs

If you select the Submit Debug Logs option, you will see a window like the one shown below. You can enter details about what you are experiencing in the text box at the top of the right side. Upon clicking Send a Reference ID will be generated, click Copy to clipboard and paste this Reference ID in a response to customer support.