Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3690 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Netflix issues... seeing Comcast to Amazon server connections across my network?

BrandonBuell

I know this has been rehashed many, many times.  I have a specific question I need help answering.

I've tried everything I can think of and find in the forum.  Nothing has helped.  At first I was having an issue with my FireTV being set to one IP address, but actually using a different one.  A powercycle resolved that issue.  I've also tried the transparent skip list, adding firewall rules, etc.

I setup a rule in the firewall to allow any and all data to and from my FireTV.  That's when I noticed there is data going to and from networks that appear to be from comcast to Amazon while watching the log and trying to get Netflix to load.  I've heard of others having an ISP that uses specific servers to channel Netflix data.  Is that the case here?  Is there anything I can do about it?

Thanks, everyone.  I'm about 1/16 of an inch from giving up on Sophos... I'm hoping this is the last thing I need to change to make it work.  It's about to drive me up the wall.

Brandon



This thread was automatically locked due to age.
Parents
  • 0

    HI Bradon,

    This issue occurs because the application uses byte-range requests, which are not forwarded to the external server.

    To resolve this issue, add an exception to skip Malware Scanning, Policy Checks, and HTTPS Decryption.

    Applies to the following Sophos products and versions
    Sophos Firewall

    How to add an exception to skip Malware Scanning, Policy Checks, and HTTPS Decryption

    1. Log in to WebAdmin.
    2. Go to Protection Web Exceptions.
    3. Add a new exception for URL pattern matches.
    4. Give a name for the exception.
    5. Select URL pattern matches.
    6. Add the regex listed below and then select all the actions (HTTPS Decryption, Malware Scanning, and Policy Checks).
    7. Click Save.

    You should now be able to watch Netflix without any streaming issues.

    Regex list

    • ([A-Za-z0-9.-]*\.)?ne?t?fli?x(img|ext|video)?\.(com|net)/
    • ([A-Za-z0-9.-]*\.)?netflix-*.vo.llnwd.net/.*
    • ([A-Za-z0-9.-]*\.)?netflix\.com/
    • ([A-Za-z0-9.-]*\.)?nflximg\.com\.?/
    • ([A-Za-z0-9.-]*\.)?nflxvideo\.net\.?/
    • 108.175.(3[2-5,8,9])|(4[0-4,6,7]).*
    • 185.2.22[0-3].*
    • 185.9.(188)|(19[0-1]).*
    • 192.173.(6[4-9])|([7-9][0-9])|(10[0-9])|(11[0-7]).*
    • 198.38.(9[6-9])|(10[2-3,8-9])|(11[0-9])|(12[0-5]).*
    • 198.45.(4[8-9])|(5[2-8])|(6[1-3]).*
    • 208.75.79.*
    • 23.246.[0-63].*
    • 37.77.1(8[4-9])|(9[0-1])].*
    • 45.57.([0-1][0-1][0-9])|(12[0-7]).*
    • 64.120.(12[8-9])|(1[3-9][0-9])|(2[0-4][0-9])|(25[0-5]).*
    • 66.197.(12[8-9])|(1[3-9][0-9])|(2[0-4][0-9])|(25[0-5]).*
    • [A-Za-z0-9.-]*netflix.com/
    • [A-Za-z0-9.-]*nflximg.com/
    • secure\.netflix\.com/*
    • uiboot\.netflix\.com/*

    Taken from  Article 125061,

    https://community.sophos.com/kb/en-US/125061

    Thanks and Regards 

    Aditya Patel | Network and Security Engineer.

Reply
  • 0

    HI Bradon,

    This issue occurs because the application uses byte-range requests, which are not forwarded to the external server.

    To resolve this issue, add an exception to skip Malware Scanning, Policy Checks, and HTTPS Decryption.

    Applies to the following Sophos products and versions
    Sophos Firewall

    How to add an exception to skip Malware Scanning, Policy Checks, and HTTPS Decryption

    1. Log in to WebAdmin.
    2. Go to Protection Web Exceptions.
    3. Add a new exception for URL pattern matches.
    4. Give a name for the exception.
    5. Select URL pattern matches.
    6. Add the regex listed below and then select all the actions (HTTPS Decryption, Malware Scanning, and Policy Checks).
    7. Click Save.

    You should now be able to watch Netflix without any streaming issues.

    Regex list

    • ([A-Za-z0-9.-]*\.)?ne?t?fli?x(img|ext|video)?\.(com|net)/
    • ([A-Za-z0-9.-]*\.)?netflix-*.vo.llnwd.net/.*
    • ([A-Za-z0-9.-]*\.)?netflix\.com/
    • ([A-Za-z0-9.-]*\.)?nflximg\.com\.?/
    • ([A-Za-z0-9.-]*\.)?nflxvideo\.net\.?/
    • 108.175.(3[2-5,8,9])|(4[0-4,6,7]).*
    • 185.2.22[0-3].*
    • 185.9.(188)|(19[0-1]).*
    • 192.173.(6[4-9])|([7-9][0-9])|(10[0-9])|(11[0-7]).*
    • 198.38.(9[6-9])|(10[2-3,8-9])|(11[0-9])|(12[0-5]).*
    • 198.45.(4[8-9])|(5[2-8])|(6[1-3]).*
    • 208.75.79.*
    • 23.246.[0-63].*
    • 37.77.1(8[4-9])|(9[0-1])].*
    • 45.57.([0-1][0-1][0-9])|(12[0-7]).*
    • 64.120.(12[8-9])|(1[3-9][0-9])|(2[0-4][0-9])|(25[0-5]).*
    • 66.197.(12[8-9])|(1[3-9][0-9])|(2[0-4][0-9])|(25[0-5]).*
    • [A-Za-z0-9.-]*netflix.com/
    • [A-Za-z0-9.-]*nflximg.com/
    • secure\.netflix\.com/*
    • uiboot\.netflix\.com/*

    Taken from  Article 125061,

    https://community.sophos.com/kb/en-US/125061

    Thanks and Regards 

    Aditya Patel | Network and Security Engineer.

Children
No Data