Use VPS as second WAN interface for Hulu/netflix?
Hello everyone, i've come across xbmc/plex recently and really want to check out the hulu/netflix stuff, but show that the traffic needs to come from the USA. I've for a centos VPS in st. louis with slicehost and i'm excited to hack together a somewhat elegant solution to check out some nice streams.
My idea was to treat a VPN connection to the VPS as a second wan interface so that I could use firewall rules to pipe traffic through that link that come from specific hosts inside my network, I am just as happy matching for traffic destined to specific destinations but I'll have to work to maintain a list of IPs/hostnames of their hosts to keep things running smoothly.
I've tested a free vpn solution that works for the host itself, but it completely severs the ability for that host to communicate with anything outside the local subnet.
Do any of you clever hackers have recommendations that will allow pfsense to handle and pipe this traffic to the US before it makes it's way to their servers?
Establishing a VPN and routing traffic over that path should be fairly easy, but you'll never be able to make it automatically send only Hulu/Netflix connections out that path. Both of them use content distribution networks, so there's no consistent IP block you're trying to reach. If you're using XBMC on an "appliance" device like AppleTV or an Xbox you could set a rule so all traffic from that device goes over the VPN without much of a notable effect on other use, but if you're using it on your day-to-day PC I think you're pretty much stuck manually switching routes when you want to watch TV.
You understand completely what I am trying to do! I have a mac mini and it's fine by me if all traffic from it went via the VPN, I'm just not sure how to tell pfsense that I want it to catch all traffic and send it via the VPN.
The most I've done with Pfsense is IPsec which doesn't really point me in the right direction. How would I go about telling pfsense that I want traffic from a host to be forwarded elsewhere? I assume i'm going to need outbound nat?
should I use IPsec here? or should I go with openvpn?
Personally I'd go with IPsec since I'm familiar with it, but it really shouldn't matter.
All you'll want is to make sure that the VPN appears as an addressed interface on both ends, then set up the VPS to do NAT with the VPN interface being the "inside". Configure pfSense with the proper rules so the box you're using is routed over the VPN and you should be good.
I don't have my pfSense box hooked up right now (running an 1841 so I can learn IOS) otherwise I'd try it with my dedicated server and post specifics, but maybe someone else can fill in the blanks.