Connect with us

Hi, what are you looking for?


US Netflix on any device without VPN or sitewide DNS changes – with pfSsense

US Netflix on any device without VPN or sitewide DNS changes – with pfSsense


Everyone seems to be finding ways to watch American Netflix content. While it’s easy to use one of the many plugins on the computer, it gets more difficult on devices like the iPad or PS3 and even more so on Chromecast with google dns. Some people will also need a home router solution, covering all devices at once.

The most common solution is to get a VPN. The VPN can be used from your computer, iPad, Chromecast or a sufficiently advanced router, as it routes your traffic through a server in the United States. The main drawback is speed. Most VPN providers have a plus subscription, and in general, it will be difficult to get Super HD streaming – at least with any stability and on more than one device. You will also need to separate your other browsing traffic from the VPN to avoid speed loss, and to avoid making all websites think you are from the US. All in all, it has flaws.

Another popular solution is to get a dedicated DNS provider like or After the very easy registration, just change the DNS server settings to indicate theirs. The custom DNS will return addresses to servers located in the US (reverse proxies) for all Netflix related searches. All other traffic flows normally.

This avoids VPN speed loss as the actual streaming goes directly from the Netflix servers to your home. It also does not affect your other web traffic. Usually a cheaper service than a VPN, this seems to be the perfect solution. However, it does have a slight security impact: your DNS provider can see all of your searches and can theoretically log or divert some of them.

What we want is to divert only relevant lookups to the DNS of the proxy provider. This is achieved in pfSense by adding a domain bypass in the DNS forwarder. The domain bypass web interface adds wildcards, so the entry will also cover all subdomains. We accomplish our mission by adding the following to the services | DNS forwarder | Domain overrides and check box”Query DNS servers in sequenceChecked:

The IP address of the unlock-us DNS server. Only the first two lines are necessary for Netflix, the other two are for Rhapsody, Pandora, and Hulu.

For a Chromecast that doesn’t work, with Google DNS encrypted, we’re forced to add a NAT rule to forward all DNS requests. in the firewall | NAT | Port Forward, add a new rule with these settings:

RDR: Not verified
Interface: LAN
Protocol: UDP / TCP
Source: IP of your Chromecast
Source port: any
Destination: any
Destination port: DNS (53)
Target IP Forwarding: Our unblocking DNS server or similar service
Target port forwarding: DNS (53)

All in all this is the perfect solution. Switching zones can be done either in the web interface of the DNS provider, or by disabling the pfSense settings.

Don’t forget to share this post with friends !

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *



AnyConnect certificate-based authentication. Cisco community 👨‍💻 The information in this document is based on the following software and hardware versions: ASA 5510 running software...


AnyConnect: Install a self-signed certificate as a trusted source 👨‍💻 kmgmt-2879-cbs-220-config-security-port objective The goal of this article is to walk you through creating and...


ITProPortal . Portal 👨‍💻 We live in a dynamic moment in terms of technology. Even criminals are becoming more technically savvy and are using...


Top 5 Free AV Packages – 👌 Bitdefender Antivirus Free Edition best interface Positives Works on Windows 7 and 8.1 Very easy to use...