diff --git a/TunnelKit/Sources/Core/SessionProxy+Configuration.swift b/TunnelKit/Sources/Core/SessionProxy+Configuration.swift
index 7da9637..5aaabcd 100644
--- a/TunnelKit/Sources/Core/SessionProxy+Configuration.swift
+++ b/TunnelKit/Sources/Core/SessionProxy+Configuration.swift
@@ -166,7 +166,7 @@ extension SessionProxy {
         public var renegotiatesAfter: TimeInterval?
         
         /// Server is patched for the PIA VPN provider.
-        public var usesPIAPatches: Bool
+        public var usesPIAPatches: Bool?
 
         /// :nodoc:
         public init(ca: CryptoContainer) {
@@ -239,6 +239,6 @@ extension SessionProxy {
         public let renegotiatesAfter: TimeInterval?
 
         /// - Seealso: `SessionProxy.ConfigurationBuilder.usesPIAPatches`
-        public let usesPIAPatches: Bool
+        public let usesPIAPatches: Bool?
     }
 }
diff --git a/TunnelKit/Sources/Core/SessionProxy.swift b/TunnelKit/Sources/Core/SessionProxy.swift
index 1165dc3..dfe92aa 100644
--- a/TunnelKit/Sources/Core/SessionProxy.swift
+++ b/TunnelKit/Sources/Core/SessionProxy.swift
@@ -609,7 +609,7 @@ public class SessionProxy {
     }
     
     private func hardResetPayload() -> Data? {
-        guard !configuration.usesPIAPatches else {
+        guard !(configuration.usesPIAPatches ?? false) else {
             let caMD5 = TLSBox.md5(forCertificatePath: caURL.path)
             log.debug("CA MD5 is: \(caMD5)")
             return try? PIAHardReset(