VPN Client Software by Perfect Privacy
With Perfect Privacy as your VPN provider you have free access to our VPN client software with many advanced features.
Our software, which is developed completely in-house, will automatically update itself and the configuration files so that you can be sure that your software and configuration is always up to date.
The Perfect Privacy VPN Manager for Windows (Vista/7/8/10) offers a lot of additional features that can improve comfort, speed and security. This document explains how to make best use of the functionality of our software.
Instructions for setting up a VPN on Linux, MacOS, iOS and Android can be found in our Howto-Section.
Setting up Firewall and DNS Leak Protection
Integrated firewall protection - never send unencrypted traffic
With the firewall and dns leak protection you can make sure that all traffic is being sent over the encrypted tunnel at all times.
As soon as you have established an OpenVPN or IPSec connection, all traffic should automatically be routed through this tunnel, even without any firewall protection. However, under some circumstances it is possible that certain software may circumvent this tunnel. To prevent this, the Perfect Privacy VPN client provides three different kill switch levels of firewall protection.
Activate while tunnel is active
When this option is checked, the firewall protection will be active only whilst an OpenVPN or IPSec connection has been established.
This setting is useful if you want to access the internet without VPN occasionally (e.g. to use personalized services like online banking or shopping).
As soon as you disconnect an existing VPN connection, your internet connection will remain functional but without providing any encryption or anonymity.
Activate while program is running
With this option you can make sure that traffic will never be sent over an unencrypted connection while Perfect Privacy client software is running. In contrast to the previous setting, the firewall protection will remain active even if no VPN connection is established.
This means that your internet connection will not work if the Perfect Privacy software is running without an established VPN connection. To access the internet without VPN, you will need to exit the Perfect Privacy VPN Manager first.
This setting is useful if you are generally accessing the internet with VPN but want to be able to use an unencrypted connection for specific purposes.
As the name suggests, this setting will activate the firewall protection permanently. This means that your internet connection will only be working when you have established an OpenVPN or IPSec connection.
Even if you exit the Perfect Privacy VPN Manager, the firewall rules will remain in effect. To access the internet without VPN you will first have to lower the protection level or deactivate the firewall protection.
This setting is useful if you want to prevent accessing the internet without VPN by any means.
The option "Firewall local router" restricts access to your local router which can prevent potential IP leaks over SNMP and XSS. We recommend to keep this setting active. However, if you are using a printer or other devices over your local network, you need to deactivate this option to access these devices.
If the VPN Manager crashes for any reason or your operating system restarts without notice, the firewall and DNS leak protection will stay enabled. But if you restart the VPN Client it will detect that it was exited unexpectedly and ask whether the firewall rules should be reset.
DNS Leak Protection
The DNS Leak Protection ensures that only Perfect Privacy nameservers will be used to resolve domain names so that your ISP cannot determine what websites you are visiting.
The levels of protection are identical to the firewall settings. It is recommended to use the same settings for firewall and DNS leak protection.
Cascading over Multiple Servers
Flexibility by using our exclusive Multi-Hop VPN Feature
With the Perfect Privacy VPN client you can setup a cascaded VPN connection over up to four different servers. Please note that cascading only works with OpenVPN and not with IPSec; make sure that OpenVPN is selected in the "Perfect Privacy Settings" tab so that the following steps will work.
To establish a connection over multiple servers you will need to activate cascading in the software first. To do so, click on "Settings" in the main window, select the tab "Cascading and Proxy".
Check the box for "Enable cascading" and choose the number of hops up to a maximum of four. You can then close the settings.
Establish a cascaded connection
After establishing an initial VPN connection to any server you will notice that the connection icons for the other servers are not greyed out (as it would be the case if cascading was disabled in the settings).
Once the first VPN connection is established, you can click on any other server connection icon to add this server to the current cascade.
As soon as the connection to the second server is verified, you can see the order of the cascade indicated by numbers in the main window. You can repeat the last step with two more servers. After finishing you should see the order of the hops in the main window (1 to 3 in our example).
If you have established a cascaded connection and you disconnect one of the servers in the middle of the cascade, all connections to servers behind the disconnected one will get dropped as well. The connections to servers that are before the disconnected server remain intact.
For example: You have a cascaded connection via Amsterdam -> Bucharest -> Huenenberg -> Paris. If you disconnect the connection to Huenenberg then you will also loose the connection to Paris. However, the cascaded connection over Amsterdam and Bucharest remains active.
Please note that a cascaded connection will increase the latency (ping time). By how much, will depend on the servers that are used and how many are in the cascade. However, the bandwidth should not be affected so that you can still download with full speed. If you are running software that requires low latency (like online games), the use of a cascaded connection is not recommended.
How does Stealth VPN work?
Perfect Privacy's Stealth VPN allows you to hide your VPN traffic. In some countries, access to the internet is restricted because of nationwide firewall filters. For instance, this applies to Turkey, China, Iran and the United Arab Emirates.
With activated Stealth functionality, all VPN will be obfuscated by several selectable methods and sent over a standard port (SSH, DNS, HTTPS). Even in countries with restricted internet access these blocks are not blocked as they are essential for basic Internet functionality. And since the VPN traffic is obfuscated, even deep packet inspection (DPI) cannot detect and block this traffic.
Activating Stealth VPN
You can activate this feature under "Cascading and Stealth". If you enable Stealth VPN, the client will automatically switch to TCP configuration if that wasn't the case already (Stealth VPN does not work with UDP).
For the obfuscation you can choose between ssh, stunnel, obfsproxy3 and obfsproxy2. Additionally you can choose the port to use, the options are 22 (SSH), 53 (DNS), 443 (SSL/HTTPS) or a random high port.
Customizable Port Forwarding
Full control over your connections
Port forwardings are helpful to optimize the speed for certain games or peer-to-peer software like torrent clients. With Perfect Privacy you can designate up to five specific ports to forward to your computer.
Additionally there are three random ports available for forwarding. To explain the setup of a port forwarding we will use uTorrent as an example application, but generally it should work with every software that supports this functionality.
Activating port forwarding
To start off, you will need to activate port forwarding in the Perfect Privacy software. To do so, click on "Settings" in the main window and choose the tab "IP and Ports".
Check the box for "Enable custom port forwarding" and choose the server at which the port forwarding should be applied. For torrent downloads, the gigabit servers in Germany and the Netherlands are ideal. For our example we select "Amsterdam" as server.
Most programs such as uTorrent require a 1-to-1 port forwarding so that source and destination port is the same. Click on the "Add" button. A new random port will be assigned and appear in the section "Active custom port forwardings".
Please remember that port forwardings are server specific (in our example for the server in Amsterdam). If you are already connected to Amsterdam and add a port forwarding you do not need to reconnect: The port forwarding will automatically be active after a few minutes.Also be aware that if you choose "Setup Guide" in uTorrent, it will show the port as closed. This is normal: uTorrent checks the port from the local network where it will be blocked by the firewall. This prevents IP leaks by the Wrong Way vulnerability. To check if the port forwarding is working, make sure that uTorrent is running and the port is configured correctly while being connected over VPN. Use an external Port Forwarding Tester where the port should show as open.
You can also use the automatic port forwarding for 1-to-1 forwardings. To do so, make sure that "Enable default port forwarding" is activated in the settings under "IP and Ports". When a connection is established, you can see the automatically forwarded ports if you click on "Details" under the corresponding server in the main window. You can use any of the listed ports for applications like uTorrent.
Your VPN Provider with special Features
Protect Your Privacy!* Compared to monthly payments