How to Setup Tor With PIA

Tor is free software that enables anonymous communication. The name is derived from “The Onion Router.” It routes internet traffic through a global volunteer network of relays to help conceal a user’s location and activity from network surveillance and traffic analysis.

Using Tor makes it more difficult to trace internet activity, including website visits, messages, and other communications. Its purpose is to enhance privacy and support confidential communication.

Using Tor with a VPN

You can use either VPN to Tor or Tor to VPN, depending on your threat model.

  • VPN to Tor: Connect to the VPN first, then access Tor
  • Tor to VPN: Connect to Tor first, then route traffic through a VPN

Notes

  • Using Tor to VPN may prevent access to .onion services.

  • Using Tor and a VPN together will reduce connection speeds due to additional encryption and routing.

VPN to Tor (Recommended)

Flow: Computer → VPN → Tor entry node → Tor exit node → Destination

This setup helps hide Tor usage from your internet service provider and adds a layer of encryption before traffic enters the Tor network.

Steps:

  1. In Advanced Settings, enable the kill switch.
  2. Launch the PIA app.
  3. Connect to a VPN server.
  4. Open the Tor Browser and connect to the Tor network.

When connected, your internet service provider will see VPN traffic instead of Tor traffic.

Tor to VPN

Flow: Computer → Tor entry node → VPN → Tor exit node → Destination

This setup routes Tor traffic through a VPN after entering the Tor network.

Due to the use of third-party tools and unsupported configurations, this setup is not supported.

Common methods include:

  • PORTAL: Uses dedicated hardware to route traffic through Tor
  • Whonix: Uses virtual machines to isolate Tor traffic

PORTAL provides strong isolation through hardware-based routing. Whonix is easier to set up but relies on virtualization, which may introduce additional risks depending on system configuration.

General setup guidance

  • For PORTAL: Connect your device to the PORTAL router, then connect to the VPN
  • For Whonix: Connect to the VPN inside the workstation virtual machine

Considerations

  • Tor exit nodes can observe unencrypted traffic (non-HTTPS)
  • Tor connections are often slower and may be blocked by some services
  • Combining Tor and a VPN increases latency due to multiple routing layers

Related articles