Perils of pfBlockerNG VPN bypass for Netflix
-
Re: Routing Disney+/Netflix Over Non-VPN Interface
So I'm still at a loss. Thanks again for the recommendation with ntopng, @jstride! That helped me refine some of my troubleshooting.
I tried to cast a wide net even just to get Netflix working. I started completely from scratch. Below are my rules:
Also set the Custom Destination to my Devices I want to stream from, with the custom protocol of TCP/UDP and a Custom Gateway of the WAN.
I saved the rule and forced an update on pfBlockerNG, and then validated that the rules that were automatically created were near the top of the WAN, LAN, OVPNC, and OpenVPN. All the rules have the gateway set to the WAN.
Then I tried testing and going to Netflix and the page wouldn't even load. I then rescinded the rules and used ntopng to look at the device when Netflix was running.
I cross-referenced the DNS names and IP addresses that came across ntopng, and validated that it associated to the ASN, and if not added it to the rule. Screenshot below is after I was running Netflix on a port that completely bypassed the VPN (not the ideal situation - given multiple devices need to stream, but wanted to use for testing). All of these IPs were associated with ASNs already that I had passed.
WAN rule:
LAN rule:
OpenVPN rule:
I'm at a bit of a loss how I could further troubleshoot. Is it perhaps how I have my VPN configured? Is pfBlockerNG covering the wrong interfaces? Any tips or guidance would be greatly appreciated.