PfSense, PIA and Netflix

Hi everyone, I’m stuck on the PfSense rules for Netflix.
I’m in the UK and can’t get Netflix working with my VPN on.

I’m using a mix of domains in my alias but I don’t think they work in the UK. Any suggestions? Anyone in the UK got it working?

You need to use the whole domain name of the servers you’re connecting to and not just the last part (netflix.com). The aliases only work as exact matches as it’s doing a DNS lookup of those domain names and using whatever IP is returned for the rule, so there’s no way to do anything.netflix.com if you get what I mean.

If you can’t find a list of servers then the most reliable way is to use a packet sniffer like Wireshark on a computer when you use Netflix and filter for DNS traffic. Then you can see which domains are being queried and add those to the alias. It will be tedious but eventually you will get all the ones you need.

relevant thread

Any good videos that show how to use Wireshark? All I’m getting back is the IP of my computer or DNS server.

Filter for dns, and in the Info column it will have the domain name and IP of the DNS query.
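As an added example (not part of any post in this thread): once the DNS responses are captured, the hostnames and A records can be collected for the alias with a short script instead of copying them out of the Info column by hand. It assumes the capture was exported with tshark as tab-separated `dns.qry.name` and `dns.a` fields; the sample rows, hostnames and addresses below are constructed.

```python
import ipaddress

# Assumed export command (run separately, not by this script):
#   tshark -r capture.pcapng -Y "dns.flags.response == 1" \
#          -T fields -e dns.qry.name -e dns.a
# Each output line is "<query name>\t<comma-separated A records>".

# Constructed sample export; addresses are from documentation ranges.
SAMPLE = (
    "www.netflix.com\t192.0.2.10,192.0.2.11\n"
    "WWW.Netflix.com.\t192.0.2.11\n"          # same host, different case
    "api.netflix.com\t198.51.100.7\n"
    "cache1.isp.example.net\t203.0.113.5\n"   # unrelated name, skipped
    "assets.netflix.com\t\n"                  # response with no A record
)


def collect_alias_entries(export_text, keyword="netflix"):
    """Return (hostnames, ips) seen in DNS responses whose name contains keyword.

    Hostnames are normalised (lower case, no trailing dot) because a
    hostname alias only matches the exact FQDN that gets resolved.
    """
    hosts, ips = set(), set()
    for line in export_text.splitlines():
        name, _, answers = line.partition("\t")
        name = name.strip().rstrip(".").lower()
        if not name or keyword not in name:
            continue
        hosts.add(name)
        for raw in answers.split(","):
            raw = raw.strip()
            if not raw:
                continue
            try:
                ips.add(ipaddress.IPv4Address(raw))
            except ValueError:
                continue  # ignore anything that is not a valid IPv4 address
    return sorted(hosts), [str(ip) for ip in sorted(ips)]


if __name__ == "__main__":
    hostnames, addresses = collect_alias_entries(SAMPLE)
    print("Hostnames for the domain alias:")
    print("\n".join(hostnames))
    print("IPs seen in responses:")
    print("\n".join(addresses))
```

The keyword match only finds names that contain "netflix"; names that do not contain it have to be identified by hand in the capture.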

Working perfectly now, thank you.


I have the same setup (Netflix, PFSense, PIA) and from the UK, and was trying to create exceptions for Netflix with no luck. Also had a look on Wireshark and from what I could see, Virgin Media have caching servers with different long horrible names. Gave up in the end and so now just disable the PIA rule for my desktop whenever I want to use Netflix.

Would be interested to see if you’re able to find a way to make it work.

Are you using your ISP’s DNS server?

I think when I set up PFSense originally I would have set it to something different, but perhaps I should give it another go and play around with DNS as I could have misconfigured something. I also now send DNS queries out via the VPN, which I didn’t before, so not sure how that might affect things.

For my DNS settings I’m using OpenDNS with DNS Server Override disabled, and make sure you update your DHCP server with the OpenDNS server.

I have 3 aliases for Netflix. The first has the domain names, my second one has a list of AWS IPs and my third one has IPs from Wireshark. Not sure if you need all of them, but it works.

I can share my AWS list if you want?

Yeah please, I’ll give it another go :).

I would try a different DNS server like 8.8.8.8 and make sure you get everything that says netflix in Wireshark.

Netflix ip-ranges 171226.txt (1.5 KB)

I have about 35 IPs from Wireshark and that looks to be the only way to get it working. I think almost every ISP has a different IP for Netflix in every different location :joy: It is annoying and a lot of copying and pasting :joy:

I prefer using a decent VPN service to bypass the Netflix regional block.
For instance, last night I watched John Wick on Netflix from the US. John Wick 3 is only available in Canada and not in the US or UK.
But with a VPN you can unblock any library of Netflix and stream your favourite show.

According to our research, John Wick 3 – Parabellum is only available in Canada, the Philippines, Turkey, and Singapore. Here is how you can watch it. - Source