Wow their tech support is good, but they don’t document what to do with the Mac Firewall on. It is pretty simple if arcane (and maybe this is why tunnelblick has been such a problem):

  1. Download Private Internet Access
  2. Choose settings and select TCP and port 443

That’s it and it is confusing because the icon seems to light, but you actually have to hover over the icon to see it’s status. A bit different from tunnelblick

