[HOWTO] Chromecast/Netflix outside USA without VPN

Search This thread
By:
Advanced…
mondohow

mondohow

Senior Member
Jun 3, 2014
338
645
Google Pixel 6
How can I tell if this needs to be added or if my router automatically ads it?

Code: 
iptables -t nat -A POSTROUTING -j MASQUERADE

I'm using an RT-AC66 running Tomato Shibby latest.

Thanks...
 
R

Rylo

Senior Member
Nov 1, 2008
64
2
fishyrelic said:
Hi All
I have found a solution to this problem.
Netflix on my chromecast in Australia stopped working after the latest update 19084 when casting from Netflix android app 3.7.1 while it would work normally on my laptop and android.
At this point I had unblock-us dns configured on the android device and laptop (issued by the router).

The solution involves fooling the chromecast and android app into thinking they are talking to google DNS while they are actually communicating with unblock-us DNS
Latest chromecast firmware and Netflix app are required for this. (19084 and 3.7.2 respectively)
The way to do this on a cisco router is by using the following configuration

------------------------------------------------------
interface Vlan1 (or any other LAN interface)
ip address 192.168.15.1 255.255.255.0
ip nat inside
ip policy route-map google_dns-redirect

ip access-list extended google_dns
permit udp 192.168.15.0 0.0.0.255 host 8.8.8.8

route-map google_dns-redirect permit 10
match ip address google_dns
set ip next-hop 111.118.175.56

ip nat outside source static 111.118.175.56 8.8.8.8
-------------------------------------------------------

With this config, the router redirects any traffic destined for 8.8.8.8 to instead go to 111.118.175.56 (while the Chromecast thinks it is still going to 8.8.8.8)
It is important that the return traffic to CC does not appear to be coming from Unblock-us so the router needs to be setup to change any traffic coming from 111.118.175.56 to 8.8.8.8 using a static NAT statement.
As you can see, this method is different to the popular method of blackholing traffic to 8.8.8.8 causing the CC to fail over to whatever DNS is configured on the router (unblock-us DNS)
This fix should also be fairly easily to setup on a firewall using a GUI. Not sure if DD-WRT, Open-WRT or Tomato are capable of this as they are firewall features.
Also note that this fix will only work if the Netflix on the Android is latest 3.7.2 as the old version (3.7.1) without hardcoded DNS gives away its location while casting to the lastest chromecast 19084
Hope this helps.
Click to expand...
Click to collapse

Any idea on how to get this working on a fritzbox 7360 ? Or could you tell me what 'option' your router needs to have. Thanks!
 
F

fishyrelic

New member
Apr 7, 2010
4
4
Rylo said:
Any idea on how to get this working on a fritzbox 7360 ? Or could you tell me what 'option' your router needs to have. Thanks!
Click to expand...
Click to collapse

I haven't used the fritzbox 7360 but it appears to be a generic consumer grade router and will most likely not have any traffic redirecting/manipulating capabilities. You would either need an advanced router like a cisco or a firewall such as a dell sonicwall.
 
  • Like
Reactions: Rylo
D

DJames1

Senior Member
Oct 10, 2013
385
115
Looks like Netflix has broken geo-unblocking in the latest version of the Android and iOS apps (Android app now at version 3.8.3). And the casting Chromecast won't work any more with older versions of the apps, so using an older version to get around the problem won't work. Thanks a lot Netflix!

Not sure yet if this affects only the static-route-Google-DNS-to-nowhere method, or it also affects the Google-DNS-rediction-using-iptables method. Maybe someone can report about the latter? It may be a while before I get time to check.
 
G

gpkgpk

New member
Dec 9, 2014
1
0
DJames1 said:
Looks like Netflix has broken geo-unblocking in the latest version of the Android and iOS apps (Android app now at version 3.8.3). And the casting Chromecast won't work any more with older versions of the apps, so using an older version to get around the problem won't work. Thanks a lot Netflix!

Not sure yet if this affects only the static-route-Google-DNS-to-nowhere method, or it also affects the Google-DNS-rediction-using-iptables method. Maybe someone can report about the latter? It may be a while before I get time to check.
Click to expand...
Click to collapse

Thought it was just me, grr.
With the static-route-Google-DNS-to-nowhere method , Netflix+Chromecast is giving me the error "Sorry that title is not available to watch instantly. Please try another title" error message.
Anyone have any ideas? Tried the iptables tricks too, no luck.
gpk
 
D

DJames1

Senior Member
Oct 10, 2013
385
115
Strangely you can still browse and cast out-of-region Netflix content from the latest version of the Netflix Android app (3.8.3) - you just can't play it on the Android device itself. Set it to play on the Chromecast before you attempt to play anything. Also note that after updating the Netflix Android app, you must log in for the first time in your home region.

You can still play out-of-region content using the Netflix Android app version 3.7.1, but now the Netflix Chromecast app refuses to play content cast from that version and insists that you update it.

So you can't have both local and Chromecast capability at the same time.
 
Last edited:
Y

ykphuah

Senior Member
Dec 17, 2009
417
38
Need to wait for the unlocator guys to outsmart the netflix guys!
I have given up on using android to cast to chromecast. Tried netflix from laptop chrome casting to chromecast, worked perfectly fine. Does the netflix webapp works on the chrome on android?
 
S

skivnit

Senior Member
May 21, 2012
2,708
365
all i'm getting is the "oops i shouldn't be here error" its playing fine on my Android phone and ipad, i guess all i can do now is use chrome to cast my screen from the laptop :(
 
D

DJames1

Senior Member
Oct 10, 2013
385
115
As far as I know, the current situation is:

- Netflix Android app up to version 3.7.1 works with DNS redirection and can play all content on the Android device. But as of a month or so ago, the Chromecast Netflix app will no longer accept casting from version 3.7.1 - it displays a message saying that you must update your Android app.

- The current version of the Netflix Android app (up to version 3.8.3 at least) only works partly with DNS redirection. It will allow you to browse all content, and it will cast it successfully to the Chromecast, but it will not play that content locally on the Android device itself.

This applies if you are blocking Google DNS. I don't know what happens if you are redirecting Google DNS with iptables commands - I have heard that it works erratically.

The situation is the same with all the DNS redirection services I have tested, and as far as I have read it is the same with all of them. Apparently the Netflix app is now doing something new with Google DNS, and for the Android app nobody has quite solved it. Netflix is continuing to update their app, so the situation might change at any time, for better or worse.

(Note that after updating the Netflix Android app, you must initially start it and log in from your home region.)
 
D

DJames1

Senior Member
Oct 10, 2013
385
115
I just tested the Android Netflix app version 3.8.3 using my DD-WRT router with Google DNS redirected via iptables commands instead of using my regular router with Google blocked. It successfully plays out-of-region content locally on the Android device.

The format I am using is:
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to <redirected dns ip address>
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to <redirected dns ip address>

I can't say whether it works reliably from this quick test, but it worked first time for me.
 
Last edited:
Y

ykphuah

Senior Member
Dec 17, 2009
417
38
I too am using the forward everything to port 53 to unlocator, and netflix is playing fine on android, and mac. Chromecast won't even show the netflix app now. Tried with both old and new netflix app on android.

zzz, chromecast have just gotten less useful.
 
Y

ykphuah

Senior Member
Dec 17, 2009
417
38
Realize one thing, the way to cast from android, is to let the show play on android first, and then only cast.

If I choose the cast first, then only play, it will never play.

I think someone mentioned this in previous posts but I didn't paid much attention to it previously.
 
D

DJames1

Senior Member
Oct 10, 2013
385
115
I found the opposite when using the Netflix app version 3.8.3 with Google DNS blocked by a static route in the router. It wouldn't work if I tried to play on Android first, but if I set it to cast to Chromecast first and then played the selection, it would cast successfully.
 
Y

ykphuah

Senior Member
Dec 17, 2009
417
38
DJames1 said:
I found the opposite when using the Netflix app version 3.8.3 with Google DNS blocked by a static route in the router. It wouldn't work if I tried to play on Android first, but if I set it to cast to Chromecast first and then played the selection, it would cast successfully.
Click to expand...
Click to collapse

I am on the latest Netflix, its 3.9.1 according to Apps Info, if I just use the Blocked by Static Route method, netflix won't play at all on the android.
 
D

DJames1

Senior Member
Oct 10, 2013
385
115
I can't get Netflix to cast to the Chromecast at all any more when using an alternate DNS, whether blocking Google DNS or redirecting it.

Netflix appears to be making rapid changes with the specific intent of more effectively blocking access to out-of-region content. The Netflix Roku app has been affected too. It's always disappointing to see a company putting their development efforts into screwing with their customers on behalf of third parties rather than enhancing their product. Beginning of the end for Netflix I think, as it has beem for other companies when they lose sight of who the customer is.

What continues to work just fine are the old Netflix apps on my Blu-Ray players, so I guess I'll go back to using them.
 
Last edited:
D

DJames1

Senior Member
Oct 10, 2013
385
115
Surprisingly I was able to get both Android playback and Chromecast casting to work again using iptables commands after updating the Netflix Android app to version 3.9.1.

I'm suspicious that it wasn't the app version update that made the difference though. Too many variables to test here, especially since I'm not sure if trying to access Netflix from different regions on the same device in rapid succession would introduce another variable.

What I'm thinking might have happened is that I checked that Netflix region switching via iptables commands still worked with the Netflix Roku app, and then I paused it on the Roku and tested Android and Chromecast casting with the same media selection. Maybe it worked because Netflix was already streaming that selection to me on the Roku, and I just paused it on one device and then started streaming it again on another device on the same account. If that was the case, it occurs to me that one could possibly start a title streaming in PC web browser, pause it, then switch to Android and cast it. Maybe someone else having problems with the Android app currently could test that?
 
Y

ykphuah

Senior Member
Dec 17, 2009
417
38
Yeah, the night after I posted the above, my playing on android stopped working again. :(:(:(

The most consistent way is to play it on my mac and cast it from there.
 
You must log in or register to reply here.

Similar threads

Team-Eureka
[ROOT] HubCap Chromecast Root Release!
Replies
1K
Views
506K
osrox
osrox
trainriderben
Streaming XBMC to Chromecast
Replies
282
Views
445K
P
punkmexic
bhiga
  • Sticky
[FAQ] Chromecast Frequently Asked Questions
Replies
282
Views
364K
T
taken21
T
  • Sticky
[FLASHER] [v1.3 - 2014-07-07] FlashCast: Quickly and easily mod your Chromecast
Replies
622
Views
451K
M
marrywilliams
benkxda
  • Locked
[INDEX] Google Chromecast [06 Feb 2017]
Replies
174
Views
291K
benkxda
benkxda

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 29
    varun.c.jain
    varun.c.jain
    Using the already available information on the internet and a few threads of this XDA forum, I figured out how to get Netflix working in Switzerland, without having to use a VPN service.

    DISCLAIMER: This is not a replacement for a VPN service and its functionality, but an alternative way to use geoblocked websites outside their origin countries. This workaround needs you to have either a DD-WRT router or atleast a router on which you can configure iptables via CLI.

    • Sign up for the free beta at Unlocator
    • You will need admin access to your home router. Connect to this router via web interface or command line whichever is applicable.
    • Follow Setup Guides for Multiple Devices and setup your home router with the Unlocator DNS IPs
    • Follow How to Setup DD-WRT to Work With Chromecast
    • I didn't have a DD-WRT router but with admin access I could use the commands in the previous step on the command line of my TP-Link W8960N router.
    • You can replace the DNS IPs in these commands with any other service that you are using for eg. Unblock-US
      Code: 
      iptables -t nat -A PREROUTING -d 8.8.8.8 -j DNAT --to-destination 185.37.37.37
iptables -t nat -A PREROUTING -d 8.8.4.4 -j DNAT --to-destination 185.37.37.185
    • Edit: Due to some problems with newer Netflix app versions on the Chromecast build 19084 these iptables rules seem to be a better option. They redirect only DNS requests made to Google servers to the server of your choice
      Code: 
      iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 185.37.37.37
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 185.37.37.37
    • Try playing any Netflix content in the Chrome browser, and use the Netflix player's Chromecast button to cast your content. It will work without any issues as your Chromecast will be able to bypass having to query Google's DNS and query Unlocator's DNS.
    • You can now try the same from any Android or iOS device using the appropriate Netflix app. (You can find the Netflix apk here)
    • Happy Netflixing! :highfive:

    Here are detailed and confirmed working steps to:
    View
    4
    Z
    zaqh
    I have found a solution that works for me, and I think it would do for everyone who uses private DNS servers as Unblock-Us or Unlocator. The only thing you need is a router capable of filtering outgoing connections, and every router I have seen can do this as part of the built-in firewall without need of flashing an alternate firmware that supports iptables (such as openwrt).

    You only need to put two rules on your router firewall to block outgoing packets to Google DNS Servers (8.8.8.8 and 8.8.4.4) for TCP/UDP and port 53 (DNS). This way, Chromecast will get a timeout trying to reach Google DNS Servers and will fallback to your router defined DNS servers and your Netflix or Hulu will work again!
    View
    4
    M
    muvisan
    Pris0n said:
    Let me know if you get it working. I'll have an fritz 7390 with the same problems.
    Click to expand...
    Click to collapse


    I have an FB 7320 and it is working with routing the google IPs to some unused IP...

    But you have to be careful how you enter the the google IPs (it should not be 8.8.8.8 and 8.8.4.4,
    but should be 8.8.8.0 and 8.8.4.0 - because FB does not allow to enter netmask 255.255.255.255).

    So it should look like:
    IP: 8.8.8.0
    Subnetmask: 255.255.255.0
    Gateway:192.168.178.222 (per default you have the FB configured as GW 192.168.178.1,
    so it must be in this network - and in this example .222 is an IP which is not used by any host).

    And same for IP 8.8.4.0.
    View
    4
    clmbtti
    clmbtti
    jarayn said:
    This looks interesting mate.

    Do you have any idea if its possible on DDWRT / tomato?

    Is it a firewall script like this one (that i have been using but no longer works. Presumably because of the return.

    iptables -I PREROUTING -t nat -p udp -d 8.8.4.4 --dport 53 -j DNAT --to-destination
    Click to expand...
    Click to collapse

    I saw a script on reddit that is currently working just fine in my tomato-based router. You can use it to redirect all traffic going out on TCP/UDP port 53 to a specific IP address:

    iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 192.168.1.1
    iptables -t nat -A PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 192.168.1.1

    (assumes router IP is 192.168.1.1 - change accordingly or reroute to your smart DNS server of choice directly)
    (assumes interface is br0 - change accordingly)
    View
    3
    D
    DJames1
    irishpancake said:
    I re-direct the Google DNS requests in the Router, using Static Routes, which works quite well.
    Click to expand...
    Click to collapse

    The static route method redirects Google DNS lookups to a black hole, so that no response is returned. That's equivalent to blocking Google DNS. That won't work with the new Android Netflix app 3.7.2. The iptables method might work because the app will get a valid response to its domain lookup.
    View

New posts