Menu
What's new
By:
Filters Better Search

Netflix Detects My VPN Only On TV

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

K

Khantahr

New Around Here
I have a RT-AX88U running the latest Merlin. I have the router configured to connect to ProtonVPN and route traffic to it with the VPN Director. I have a PiHole that the router forces all DNS request to go to, and the PiHole, uses Unbound for most things, but will direct Netflix related domains to use ProtonVPN's DNS.

Using this setup has Netflix working on my computers using a browser, on my Android phone using the Netflix app, and my Chromecast while casting from my phone. On my LG SmartTV though, it gives me the usual "you seem to be using a VPN" error message. I can't figure out why it's detecting it on the TV. I've attached screens of some configuration settings too. Console screenshot is the dnsmasq configuration to use the ProtonVPN DNS for the Netflix related domains.

I know the TV app is hard coded to use Google's DNS server 8.8.8.8, so maybe it's related to that somehow? I can't figure it out, any ideas?

wan.png
vpn.png
director.png
dnsmasq.png
filter.png
 
Not sure why you didn't post this in the Merlin forum. You'd be more likely to get relevant help. I only noticed it by accident.

Based on what you posted, it would seem to be correct. Yes, the TV using a hard-coded DNS of 8.8.8.8 would normally be a problem, but that should be corrected by the global DNS filter.

BTW, the rule for 192.168.1.10 is superfluous since it's already covered by the rule below it, 192.168.1.0/24 (unless OVPN3 is a mistake, and like 192.168.1.3, it was meant to use OVPN2).

You might be a good candidate for my DNS monitoring utility, just as a sanity check.

www.snbforums.com

Tutorial - How to monitor DNS traffic in real-time

The following script allows for real-time monitoring of DNS on the router for the purposes of knowing what DNS servers are in use, and which network interfaces are being used. https://pastebin.com/AGNF8cC8 Overview One of the most difficult aspects of the router for users is managing DNS. DNS...
www.snbforums.com www.snbforums.com

Given the complexity of DNS configuration options, sometimes things don't behave as expected.

P.S. What version of Merlin? v386.5 was just released Wed., so I want to be sure whether it's 386.4 or 386.5.
 
Last edited:
I wasn't really sure where the best place to post would be. If it could be moved there that would be great. I am on Merlin 386.5. The rule for .10 is superfluous as it's set up right now, but originally I was going to have it aimed at a different one, so I just left it there until I make a final decision on it.

I have looked at the nf_conntrack contents as you talk about in that tutorial, and I see the request/response from the TV. I'm wondering if the TV sees something fishy in the response?
nf_conntrack.png
 
Khantahr said:
I wasn't really sure where the best place to post would be. If it could be moved there that would be great. I am on Merlin 386.5. The rule for .10 is superfluous as it's set up right now, but originally I was going to have it aimed at a different one, so I just left it there until I make a final decision on it.

I have looked at the nf_conntrack contents as you talk about in that tutorial, and I see the request/response from the TV. I'm wondering if the TV sees something fishy in the response?
View attachment 40008
Click to expand...

That connection shows the global DNS filter in action. The client is attempting to access 8.8.8.8 as you suggested earlier. But it's being redirected to the router's DNS proxy (DNSMasq), which in turn has forwarded it to Unbound @ 192.168.1.2. So at least for that one particular connection, it presumably wasn't attempting to access any of the server directives you have specified in the DNSMasq config file.

That's why it would better to monitor *all* the DNS traffic w/ the script than to randomly extract just one connection from connection tracking.
 
Khantahr said:
On my LG SmartTV though, it gives me the usual "you seem to be using a VPN" error message. I can't figure out why it's detecting it on the TV. I've attached screens of some configuration settings too. Console screenshot is the dnsmasq configuration to use the ProtonVPN DNS for the Netflix related domains.
Click to expand...

Might be going thru a proxy server - remember that Netflix detects VPN's due to a lot of traffic going thru few IP's...
 
You must log in or register to reply here.

Similar threads

J
Pihole/Yazfi with guest network
Replies
4
Views
336
jsn2233
J
W
Mystery of connection speed in Netflix app in TV - with or without network switch
Replies
14
Views
1K
follower
F
I
VPN Fusion questions
Replies
0
Views
138
in2ndo
I
P
OPNsense / Adguard / DNS & VPN questions
Replies
3
Views
930
Tech9
Tech9
Lee MacMillan
Netflix, Roku and 388.2-potential issue? Nope!
Replies
7
Views
838
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
Yafandas Trying to monitor websites visited but VPN being used. Other LAN and WAN 10
D Testing firewalls, WireGuard VPN via pfSense, and other Other LAN and WAN 2

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 882 (members: 35, guests: 847)
Top