Questions and answers regarding Perfect Privacy

Here you find the most frequent matters of concern of our members.
Questions our support gets asked multiple times are published on this page.

If you have a question which is not listed already, please contact our support.

General questions regarding Perfect Privacy VPN

No. On none of our servers are any logs which would enable a de-anonymization.

Our server status page provides up to date information regarding bandwidth utilization and possible issues. Members may also use the Server page in the Member’s area to view additional details about our servers.

As Perfect Privacy member you can use our services on any number of your devices. It is not permitted to pass your login credentials to any third party, they are for your personal use only.
No, there is no traffic limit or throttling. However, please note that the Perfect Privacy servers and its bandwidth are shared among all users. We ask that you respect other users and do not overutilize any server: If you make traffic that would put a significant load on a server for a longer period of time, please split it among severeal Perfect Privacy servers so all other users are not affected and can enjoy our service as much as you do.
In principle your ISP (and third parties having access via your ISP) can only see an established connection from your IP address (the one assigned to you by your ISP) to one of Perfect Privacy’s servers. When using a VPN all data within this connection is encrypted, including the address of a website you visit. In short: Your provider can only see that you are using Perfect Privacy, but not what for.
In principle the speed of your Internet connection should not be affected, at least when using one of our servers with 100mbps or 1000mbps connection. This is a lot more bandwidth than ISPs usually provide to their customers. The Internet connection will however not become faster, as all (encrypted) traffic still has to pass through the connection provided by your ISP.

Admittedly the latency of your Internet connection – the time it takes to transport data packets back and forth – may change, since the packets may be routed differently. To verify this effect on Windows you can use the command tracert [hostname], on Mac and Linux use traceroute [hostname].

No. For total anonymity you have to take a couple of things into account. Most important is the protection of your identity, as of course it can still be disclosed (intentionally or unintentionally) while using a VPN. If you for example place an order on Ebay or Amazon where you have to enter your name and address anyway, there is no anonymity in such case.

Another typical attack vector is the so called browser tracking: By analyzing information provided by your internet browser it may be possible to uniquely identify users to some extent. Remedy can be gained by using the “Incognito”-mode of your browser, as Firefox and Chrome offer. The Squid proxy services on the Perfect Privacy servers filter header information that may be used for identification, and thus can help to improve anonymity.

Perfect Privacy’s servers are distributed worldwide. You can see all locations on our server status page. Members may also view additional information regarding the services offered and the ports used on the server page in the Member’s area.
No, the server’s IP addresses are used by all members, in order to increase our member’s anonymity.
Yes, at least on most servers not located in the USA or France. Unfortunately the hosting companies there are under strong pressure from media agencies, to proceed against any sort of filesharing and BitTorrent. This implies in case of alleged DMCA violations the hosting company often terminates the contract with their customer (Perfect Privacy).

Thus we prevent access to BitTorrent trackers on these servers, to avoid unnecessary trouble for the hosting companies and ourselves as well.

Most Perfect Privacy servers are not affected and all ports and services can be used without any limitations.

Yes, if there is a server available in the corresponding country. For example, via the servers in Germany streaming content of German TV stations can be accessed, and the US servers enable you to access some US based services.
Yes, we support IPv6. On most of our servers you will receive an IPv6 address in addition to an IPv4 address. You can see which servers provide you with an IPv6 adress on the server page in the members area.
It depends what kind of router you are using. In general you can use OpenVPN on your router if you have system access and the router meets the minimum system requirements.

If you do not have an adequate router you can order one at our partner flashrouter.com who provides several router models pre-configured for the use with Perfect Privacy. For more information on this please visit our router site and our router forum.

Accounts & payment

The prices are depending on the duration of the chosen paket. Please have a look at our overview on available run-times and prices.
No. All services offered by Perfect Privacy are covered by the regular membership fee.
We currently do not offer any free test accounts.
We currently offer the following payment options:

  • PayPal
  • BitCoin
  • Cash
  • Visa, Mastercard, American Express, Bank Transfer, AliPay, LiqPay, payment with mobile phone and many more via Paymentwall
  • WebMoney, PerfectMoney, OK Pay, Paxum, LiteCoin and more via LavaPay

Your account will be activated faster when using an electronic payment option (Bitcoin, PayPal et cetera) as if using cash (two to four weeks depending on mail travel time).

PaySafeCard does not accept VPN providers and requested from the payment processor PaymentWall to stop processing payments for Perfect Privacy. As such we have decided to discontinue this payment option. For more information and alternate payment methods check this site.
Depending on anonymity or speed being more desirable, there are different payment options to choose from. The actual protection of your anonymity on the Internet – regardless of the payment method chosen – is provided due to the fact that Perfect Privacy, without having any log files, is unable to assign any data packets or traffic to a member later on. In this respect we think using a completely anonymous payment method is not a necessity.

As a good compromise between speed and anonymity we recommend the pseudonymous payment with Bitcoin.

As soon as we receive your payment, we will send you an email with your login credentials for Perfect Privacy.
Please contact us via email.
Memberships run until the end of the period chosen, and can be extended at any time. In case of an automatic renewal, the renewal may be canceled at any time. The membership then ends upon the end of the currently running period. If you have any questions, please don’t hesitate to contact us.
Please send us a detailed description of the issue. If applicable please also send your connection log so that we can help you to solve the issue quickly!
It is true that Perfect Privacy ranges in the upper price region when comparing prices with other VPN providers. But then the features and services offered should also be compared. Perfect Privacy understands itself as premium VPN provider and in particular provides the following core features:

  • All services are running on dedicated root-servers
  • Servers with up to 1000mbps bandwidth
  • Protocols: OpenVPN, IPSec, PPTP, SSH2, Squid- and Socks5-proxies on all servers
  • 40+ servers distributed worldwide
  • No bandwidth limitations
  • Cascading possible
  • Support (also via TeamViewer) included
  • Unlimited connections per member
  • Comfortable user interfaces/clients for many operating systems

When taking these points into consideration, it will get hard to find a comparably extensive VPN offer for a lower price. Perfect Privacy also offers the functionality that other VPN providers have – if you miss anything, please don’t hesitate to tell us about your wishes.

If you need 10 or more accounts for a small or larger business, we can offer you special conditions. Please check our our VPN for Business site and contact us by email for a tailored offer.


We offer multiple port forwarding options, one with precalculated ports and one with customizable ports. With the first one you get three port forwardings, the ports you get derive from your internal VPN IP address, and therefore change with every connection you establish. The scheme is quite easy (see the next FAQ entry), but we also offer a JavaScript form to easily calculate your current ports.

The second customizable port forwarding allows for up to five additional customized port forwardings on the server group chosen. For security reasons each port is only valid for a limited time period of seven days. You may pick your destination port, or stick to the default, which is the same as the randomly chosen source port. The latter is what you usually want for use with file sharing software etc, but if you want to have some port being redirected to e.g. your sshd on port 22, you can do so.

The ports for the default forwarding are always 1XXXX for the first forwarding, 2XXXX for the second and 3XXXX for the third. The XXXX is determined by the last 12 bits of the internal IP address.

Example: Your internal IP is Converting to binary this is 00001010 00000000 11001011 01011000. Converting the last 12 bit 101101011000 to decimal results in 2904. So the forwarded ports will be 12904, 22904 and 32904.

In principle OpenVPN and our software should work without trouble on older computers also. Orienting on the system requirements of OpenVPN we have the following minimal system requirements:

  • Processor: Single Core, 1GHz+
  • RAM: 512MB (1GB recommended)
  • Harddisk: 5MB of free space
In most cases the reason why you cannot resolve certain domains is that the TrackStop filter is active. For instance, if you activate the social media filter, then Facebook, Instagram and Twitter will not work. And if you block Google, many Internet sites will not work correctly since they rely on Google resources. If you cannot resolve a certain domain, please check your TrackStop settings here. Note that any changes to the filter settings will take about 3 minutes to take effect.

We don’t log any connections. But both OpenVPN and IPSec will sometimes use the same internal address on reconnection.

OpenVPN connections use a simple address pool and assign the highest free address. Thus if a client disconnects only briefly and reconnects before any other client releases another address, it will very likely receive the same address it held before.

StrongSwan IPSec caches old leases in RAM, associating a username with the internal IP address. There is no permanent logging and the client’s external IP address cannot be retrieved from this map, even if an attacker could read the IPSec daemon’s memory. Quoting from the StrongSwan documentation:

“A non-persistent memory-based backend is the default. […] To preserve IP address affinity, the remote IKE identity (as defined for the connection in question) is used. This maintains the same IP for a client (most of the time) even across brief teardowns of connections, approximating the behavior of a DHCP server without the stricture of lease expiry timers, but prevents clients from intentionally attempting to get a different IP address as there is no corresponding release mechanism.”

In general receiving the same internal IP address offers the advantage that connections to external services can be kept alive even if the VPN client changes networks, e.g. between wireless and mobile data connections.

No. Generally we do not recommend using any third party firewall software. Since Windows XP Service Pack 2, Windows has a built in firewall that is seamlessly integrated into the operating System. Third party firewalls either deactivate or overrule the Windows Firewall which can lead to a myriad of problems. For instance, the firewall and dns-leak protection in the Perfect Privacy VPN software is using the Windows Firewall to make sure that no dns-leak occurs and all your traffic is being sent only over the encrytpted tunnel. When using a third party personal firewall this functionality will not be working.
The Perfect Privacy VPN Manager for Windows comes with integrated firewall protection which prevents any IP and DNS leak including via methods like WebRTC. The beta versions of the Linux and MacOS client do not yet support this feature but will in the near future.

Since Perfect Privacy fully support IPv6, you are also protected from IPv6 leaks, no matter what operating system you are using.

No. As modern VPN encryption per se is – up to best knowledge – safe enough from attacks even from secret service agencies, there are other attack vectors arising when such an agency in principle has the possibility to eavesdrop on all Internet communication worldwide.

A fundamental problem exists for example when traffic is being eavesdropped between your local router and your ISP, and gets correlated with the traffic of the VPN (exit) node.

How promising such a traffic correlation is, depends on many factors – the amount of traffic that passes through the VPN node and not least how much expenditure is put into such an analysis. Also this of course requires the eavesdropper having identified the target already, as otherwise he would not know whose traffic to eavesdrop at the ISP.

The Tor project does offer a superior protection against such attacks, since a traffic correlation within the Tor network is a lot more difficult. But even the most sophisticated routing of traffic does not offer protection, when data is extracted directly from your computer or via other methods such as social engineering.

Proxy-Servers such as HTTP and SOCKS proxies do not offer encryption. To secure your connection you should connect through an encrypted tunnel. For this purpose we offer the Perfect Privacy SSH Manager. You can find detailed documentation how to securely connect to a proxy in the documentation.
While a VPN connection offers a fully encrypted tunnel, a proxy itself does not offer any encryption, but just forwards traffic (in some cases modified).

So the encryption has to be ensured in addition by using the proxy service combined with an encrypted connection, e.g. an SSH2 tunnel.

Content providers such as Google do not only rely on the IP address to determine the location of a user, but use additional data as well.

Thus it may happen the country shown does not match the country of the server’s location. In such cases it usually helps to use another server outside Europe (e.g. Montreal or Hong Kong).

The IP addresses and ports used can be viewed on the Server page in the members area.
The Server status page shows up to date information on current bandwidth usage and possible server issues.
The Configuration page offers the possibility to chose whether or not the VPN services should use a random exit IP address. This setting only affects the VPN services.
If using our VPN services you get assigned two other randomly chosen Perfect Privacy servers as DNS servers. These might be located in another country than the server you have established your VPN connection to.
The HTTP proxy squid is for use with web browsers and should always be your first choice for this use case. SOCKS5 proxies are for use with other client software, which support using a SOCKS5 proxy.
When using a proxy in connection with a VPN there might be something important to note, to ensure the traffic to the proxy is being routed through the encrypted VPN connection. If the proxy server used and the VPN server used are the same, e.g. moscow.perfect-privacy.com, if you want to use a proxy you have to use the internal IP address of the proxy server as proxy host! Would moscow.perfect-privacy.com be entered again, the connection to the proxy server would bypass  the VPN connection unencrypted! The reason is the routing, which, in order to have a working VPN tunnel, routes the data to the VPN server directly via the default route to the Internet, while all other (non local) traffic is routed through the VPN tunnel. The connection to the proxy server thus would also be routed directly and not through the VPN tunnel! The internal IP address of the proxy server on the other hand will be accessed via the encrypted VPN tunnel.
There are several methods of preventing tracking by websites. Apart from browser plugins like Adblock, uBlock, etc., it is also possible to block known advertisement and tracking domains via DNS. Perfect Privacy offers the TrackStop feature which allows you to block all advertising domains including Google Analytics on our nameservers.

Note that with Perfect Privacy TrackStop it is possible to block much more than just advertising domains: Optionally you can filter known Phishing sites, social media and more. You can activate TrackStop in the configuration.

Yes, the Perfect Privacy VPN Manager ships with integrated firewall protection that acts as a kill switch: It will make sure that no traffic leaves your computer over the unencrypted network. Additionally you can configure in detail, how this kill-switch behaves. For details please check the overview of the Perfect Privacy VPN Manager.
This website uses cookies to analyze the traffic and to control our advertising. By using this site, you agree to the use of cookies. More information can be found in our privacy policy.