Community discussions

MikroTik App
 
leachieboy
just joined
Topic Author
Posts: 3
Joined: Thu Oct 09, 2014 3:36 pm

Netflix and Hulu over VPN

Wed Oct 15, 2014 6:05 pm

Hi Guys,

So I have a PPTP VPN set up on my Tik.

What I would like to do is route all Hulu and Netflix traffic over the VPN.

I tried to google their IP blocks then add them to Address lists and set a Mangle rule to mark that traffic and then route it from there. I have done this for Ip ranges before and they are working no problem but Netflix and Hulu just doesnt want to work.

Regards
 
jurgenskrause
newbie
Posts: 30
Joined: Thu Feb 27, 2014 1:30 pm

Re: Netflix and Hulu over VPN

Tue Dec 09, 2014 2:14 pm

I have had limited success with using static routes for netflix, I will post an update that uses a horrible script to handle netflix that is working ok-ish
http://binaryheartbeat.blogspot.com/201 ... outes.html

Update:
Here is the scripted version:
http://binaryheartbeat.blogspot.com/201 ... uting.html
 
Steven87
just joined
Posts: 1
Joined: Sun Mar 04, 2018 11:10 am

Re: Netflix and Hulu over VPN

Sun Mar 04, 2018 11:18 am

Hi!

Do you know if this would work with OpenVPN as well? Just got a subscription from Sneakflix but they only give out ovpn config files.
 
almdandi
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Sun May 03, 2015 5:22 pm

Re: Netflix and Hulu over VPN

Mon Mar 05, 2018 10:26 pm

What about the new tls-host matcher. It is possible to use it in the mangle table to set a routing-mark. So maybe, i'm not tested it, you mark all packets which hits the mangle rule with the netflix and hulu domains and route it through the vpn gateway.

Something like this:
/ip firewall mangle
add action=mark-routing chain=prerouting dst-port=443 in-interface=ether2-lan new-routing-mark=vpn passthrough=yes protocol=tcp tls-host=netflix.com
add action=mark-routing chain=prerouting dst-port=443 in-interface=ether2-lan new-routing-mark=vpn passthrough=yes protocol=tcp tls-host=*.netflix.com
add action=mark-routing chain=prerouting dst-port=443 in-interface=ether2-lan new-routing-mark=vpn passthrough=yes protocol=tcp tls-host=*.nflxext.com
add action=mark-routing chain=prerouting dst-port=443 in-interface=ether2-lan new-routing-mark=vpn passthrough=yes protocol=tcp tls-host=*.nflxvideo.net
add action=mark-routing chain=prerouting dst-port=443 in-interface=ether2-lan new-routing-mark=vpn passthrough=yes protocol=tcp tls-host=*.nflxso.net
A possibility where that could fail is, your PC establishes the tcp connection to the netflix server with the 3 way handshake. Next comes the tls handshake and your mangle rule will match and the packets get routed now through the vpn but the netflix server will reject the packets through the vpn because the source ip address changed.

Who is online

Users browsing this forum: cloud45 and 72 guests