GL-B1300 - VPN Policy - Netflix strange ISSUE

Hello,

I got this GL-B1300 router, which also works very well with my Premium Account with NordVPN (OpenVPN).

The speed under VPN is about 25 Mbit down and 18 Mbit up, so it is quite good!

I use the VPN to route specific IP subnets through the VPN and allow standard traffic for all the other subnets.

In particular I have 4/5 B-CLASS subnets like

83.12.0.0/16
85.19.0.0/16
97.112.0.0/16
104.98.0.0/16

using the VPN POLICY “Use vpn for these DOMAIN/ IP RANGE”

Everything works fine except that when I OPEN NETFLIX I get a generic network error (not the same one that I get when I’m covered by the VPN, “it seems that you are under proxy connection”, but a generic network error like “cannot connect, verify your internet connection blablabla”).

So I thought MAYBE some of the ADDRESSES I used include some Netflix services, so I cleaned up the whole list and just left A FAKE IP there, like 99.99.99.99, with the expectation that the VPN would be used only for that IP.

The result is that also with that configuration NETFLIX still doesn’t work, with that generic error, and it only happens when VPN POLICY is ENABLED. Of course with VPN POLICY DISABLED it doesn’t work because it says that I’m under VPN.

So I cannot achieve my goal, which is: USE VPN FOR A SET OF IP RANGES and DON’T USE IT FOR ALL THE OTHERS (LIKE NETFLIX).

Amazon Video works correctly with the same setting.

Can anyone help me?

My hypothesis is that NETFLIX tries to open many connections and the router performance cannot handle that inspection, but it’s just an unjustified hypothesis.

Thank you

Netflix controls your DNS too… and you are using the DNS of the VPN… This is your problem and it is confirmed by the displayed error.
I have had the same problem as you, and I solved it using an Italian VPN for my Italian Netflix that is excluded from using the VPN in the VPN policies.

When policy routing is enabled, system DNS Settings are enforced, which may be the cause of the problem.
You can set DNS manually as required by Netflix and then Override DNS Settings for All Clients.

I’m Italian so the situation is the same. I’m connected through the VPN to an Italian server (NordVPN), so I’m already in that situation.

How am I supposed to configure DNS? Using Google? 8.8.8.8 or whatever? DNS, I guess, cannot be set with a specific policy, no?

For you it was enough to connect to an Italian server and it worked? How did you set up the “excluding netflix vpn policy”?

Thanks :slight_smile:

Which DNS do you advise using? If I use a common DNS like 8.8.8.8, will I still be covered by the VPN? Thank you

The DNS that you are using is the DNS of your VPN, and you cannot use an alternative DNS while the VPN is running because VPN policies can only route traffic. You have to try another Italian VPN server of your VPN service that Netflix doesn’t block.

I have spent lots of time but it’s working fine.

You mean in DHCP I should set DNS to 8.8.8.8 for the clients and then, in the router’s DNS GUI, select the option to override DNS settings for all clients?

@luochongjun

No. In DHCP you should set your router’s IP.

I’m facing a weird issue: Netflix with the VPN works fine on my Chrome browser and mobile application, but on Google Chromecast it doesn’t work and says I’m using a proxy. What could be the issue?

Can’t tell, sorry.

VPN policies are a very complex thing and you need to try out and / or dig deep into the internet for solutions.

You might have to look into DHCP tagging (edit: for sending custom DNS to a client.)

The only issue that arises is that there might be a chance one detection looks at the IP origin geo and the origin’s DNS geo; if those mismatch, you are still blocked.

To be honest, from what I’ve been observing, I already gave up; they make it really hard, especially if they start using VPN block lists, even full RIPE blocks from datacenters. In the end it’s still public information. :wink:

Referring to DHCP seems unlikely.

I would assume that the Chromecast maybe does some DNS-over-HTTPS stuff or something like this.

Oh I see, I was confused with the OP and thought it was a new topic.

Though I would like to make a suggestion for such things:

Would it be a better idea if there was a rule for bumping a very old thread, and instead it would be advised to make a new topic with a link to this thread?

In some forums it’s called ‘thread necroing’, though I don’t think the user is aware, so this is not an attack in any way. But it can avoid various situations such as the collective thread, but also more people starting to follow this example of ‘hijacking’ threads/bumping really old threads with their own issue. I quoted it because the user is unaware; again, it’s not personal. It also helps the site a lot for the search engines :wink:
