Port Forwarding with Private Internet Access VPN Service

I had a hard time finding details on how to setup port forwarding with Private Internet Access so I wanted to share the details on how to set it up on a Debian system. The following directions will help you find your local IP access, request a port from Private Internet Access for Port Forwarding, configure your local firewall to allow inbound connections, and confirm that your application is listening on the specified port.

Here is a overview of the network topology with a remote user requesting to talk to your machine at home over the VPN connection to Private Internet Access with Port Forwarding setup on port 12345.


  1. Obtain the VPN IP address by looking at the IP addresses in ifconfig. On my machine, the interface is a tun0 interface.
  2. Create a unique client ID with head -n 100 /dev/urandom | md5sum | tr -d ” -” > ~/.pia_client_id
  3. Request a port for port forwarding with curl -d “user=your_username&pass=your_password&client_id=$(cat ~/.pia_client_id)&local_ip=10.xxx.xxx.xxx” https://www.privateinternetaccess.com/vpninfo/port_forward_assignment
  4. Modify firewall to allow inbound traffic with sudo iptables -A INPUT -p tcp –dport 12345:12345 -j ACCEPT
  5. Set your application to listen on port 12345
  6. Confirm that your application is listening with sudo netstat -anp | grep 12345

One thought on “Port Forwarding with Private Internet Access VPN Service

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.