diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b55d15fa..46c0f7c5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -109,6 +109,12 @@ jobs:
           secrets.PROTONVPN_OPENVPN_PASSWORD }}" | ./ci/runner
           protonvpn-openvpn-port-forwarding
 
+      - name: Run Gluetun container with Private Internet Access OpenVPN and port
+          forwarding configuration
+        run: echo -e "${{ secrets.PRIVATEINTERNETACCESS_OPENVPN_USER }}\n${{
+          secrets.PRIVATEINTERNETACCESS_OPENVPN_PASSWORD }}" | ./ci/runner
+          private-internet-access-openvpn-port-forwarding
+
   codeql:
     runs-on: ubuntu-latest
     permissions:
diff --git a/ci/cmd/main.go b/ci/cmd/main.go
index fffd4d5b..3963ef16 100644
--- a/ci/cmd/main.go
+++ b/ci/cmd/main.go
@@ -27,6 +27,8 @@ func main() {
 		err = internal.ProtonVPNWireguardPortForwardingTest(ctx, logger)
 	case "protonvpn-openvpn-port-forwarding":
 		err = internal.ProtonVPNOpenVPNPortForwardingTest(ctx, logger)
+	case "private-internet-access-openvpn-port-forwarding":
+		err = internal.PrivateInternetAccessOpenVPNPortForwardingTest(ctx, logger)
 	default:
 		err = fmt.Errorf("unknown command: %s", os.Args[1])
 	}
diff --git a/ci/internal/privateinternetaccess.go b/ci/internal/privateinternetaccess.go
new file mode 100644
index 00000000..7d239175
--- /dev/null
+++ b/ci/internal/privateinternetaccess.go
@@ -0,0 +1,31 @@
+package internal
+
+import (
+	"context"
+	"fmt"
+	"regexp"
+	"time"
+)
+
+func PrivateInternetAccessOpenVPNPortForwardingTest(ctx context.Context, logger Logger) error {
+	expectedSecrets := []string{
+		"OpenVPN username",
+		"OpenVPN password",
+	}
+	secrets, err := readSecrets(ctx, expectedSecrets, logger)
+	if err != nil {
+		return fmt.Errorf("reading secrets: %w", err)
+	}
+
+	env := []string{
+		"VPN_SERVICE_PROVIDER=private internet access",
+		"VPN_TYPE=openvpn",
+		"LOG_LEVEL=debug",
+		"SERVER_REGIONS=CA Montreal",
+		"OPENVPN_USER=" + secrets[0],
+		"OPENVPN_PASSWORD=" + secrets[1],
+		"VPN_PORT_FORWARDING=on",
+	}
+	const timeout = 80 * time.Second
+	return runContainerTest(ctx, env, []*regexp.Regexp{successRegexp, portForwardingRegexp}, timeout, logger)
+}