How To Crack Fortinet Firewall Bypass

Is it really possible to open blocked YouTube? The query "How to unblock YouTube videos" is trending on search engines like Google and Bing. But what is YouTube? YouTube is a very popular online video streaming portal that lets you watch many kinds of videos online. There are a few methods for playing and watching YouTube videos offline, but what about online streaming? YouTube is certainly a serious source of business, education, entertainment and much else. Because it holds an unlimited number of videos and puts no barriers on watching and sharing, it naturally holds the third position in the list of the world's most visited websites. YouTube lets you upload your own videos to different channels so that you can share your practical knowledge with the world. That is why YouTube's popularity is trending.


Nowadays most offices, colleges and schools consider YouTube a productivity killer and block the YouTube website so that people can't access it from their workplaces, schools and colleges, just like Facebook. I should mention that Facebook has recently been added to the blacklists of school and office admins, who block access to it in their offices and workspaces just as they do YouTube.

Many countries, such as China and Pakistan, consider YouTube a source of inappropriate and offensive content and, as a result, block the YouTube website completely across the whole country. Visitors to those countries have to take an alternative route to get everything YouTube offers. But there is certainly a big 'HOW' in your mind.

I have already written an article on different ways to unblock the Facebook website at offices and schools. Now let's see how you get YouTube unblocked in offices and educational institutions.

Before going to the step-by-step description, let me tell you how much YouTube has helped me in my career. In my blogging career I have learned a lot of geeky tricks for maintaining my website. But where do I learn them? Of course, I read different blogs and use Google searches to answer my queries. When I find a video tutorial, I always go for it and give it priority. When I watch a step-by-step guide, rather than reading a how-to, I understand it in no time. For example, I recently migrated my blog's hosting with the help of a YouTube video and thereby saved $500.

Want YouTube Unblocked at School or the Office? Why Does the Authority Block the YouTube Website?

Reason #1:

It diverts your attention, so you lose concentration on your work or study. The authority suffers because they pay you well to get maximum productivity. So they leave you with a challenge: unblocking the website.

Reason #2:

Viewing a YouTube video online consumes a significant amount of internet bandwidth. As a result, internet speed across the whole office area suffers. They block the site because they know it is a way to increase internet speed at the office or school. Otherwise, a school authority on a limited-bandwidth internet connection has a problem, because a limited-usage connection is never suitable for playing YouTube.

How Do You Open YouTube Videos in a Restricted Area?

Unblocking YouTube is not difficult: by faking your original IP address you can bypass restrictions at schools, colleges and offices as well as country-specific restrictions. Basically, there are two or three types of restriction used to block YouTube.

  1. Local restrictions block YouTube directly on the PC.
  2. Local area network restrictions are used in organizations like schools or offices to make YouTube inaccessible.
  3. Country-specific restrictions block YouTube-like websites in a particular country.

The main concept I use to unblock YouTube videos at school is IP faking. Let's see the methods I describe in this article.

#Summary: How to Open YouTube in Office, Schools and Colleges when Restricted?

  1. Use trusted proxy website
  2. VPN services
  3. Browser extensions
  4. Change DNS of ISP
  5. Use proxy IP in browser
  6. HTTPS secure SSL connection
  7. Use Tor browser
  8. Remove software that prevents YouTube from opening

10 Ways to Unblock YouTube Website at School, College, and Office

Method #1: Check whether YouTube is Blocked:

When you want to open YouTube in your office and can't, first make sure the problem is not on YouTube's side. Ping 'youtube.com'; if you get no reply, the issue might be with YouTube itself. If you do get a reply and YouTube.com still does not open, the YouTube website is probably being blocked, and you have to unblock it.

Method #2: Check Hosts File of Your PC and Be Sure that YouTube.com Is Not Blocked From There

The hosts file of any operating system maps hostnames to addresses, and it can be used to block a website by overriding its name. Sometimes the authority uses the OS hosts file to block websites. To open the Windows hosts file, navigate to the following path and open the file with Notepad.

C:\Windows\System32\drivers\etc\hosts

To open hosts file in Mac or Linux, use the following command:

$ sudo nano /etc/hosts

Now check the file for any entry that blocks access to the YouTube website. If you find one, back up the Windows hosts file, delete the entry from the original and save the file. Hopefully this bypasses the restriction and you can access YouTube at the office and at school.
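The check above is done by eye; the same check is worth automating, because a hosts file that redirects a well-known name is also one of the first things an administrator looks for when a machine is suspected of tampering. The script below is an added example, not code from the article: it parses hosts-file text in the format Windows, macOS and Linux share, and reports every active line that maps a hostname of interest (or a subdomain of it) to an address, distinguishing the loopback/unspecified "sinkhole" pattern the article describes from a redirect to some other address. The sample hosts text is constructed for the demonstration; the two file paths are the standard locations.

```python
"""Audit hosts-file text for entries that override the listed hostnames.

Added example (not from the article).  A mapping to 127.0.0.1, 0.0.0.0 or ::1
is the classic "block by hosts file" pattern; any other address means the name
has been redirected somewhere else, which deserves a look as well.
"""
import ipaddress
import os

# Conventional locations of the hosts file (standard paths, not assumptions).
HOSTS_PATHS = {
    "nt": r"C:\Windows\System32\drivers\etc\hosts",
    "posix": "/etc/hosts",
}

# Addresses that make a hostname unreachable rather than redirecting it.
SINKHOLE_ADDRESSES = {"127.0.0.1", "0.0.0.0", "::1", "::"}


def parse_hosts(text):
    """Yield (line_number, address, [hostnames]) for each active entry.

    Comments (# ...) and blank lines are skipped; an inline comment after the
    hostnames is stripped.  Lines that are not "address name [name...]" are
    ignored rather than raising, because a hosts file can contain junk.
    """
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        address, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(address)
        except ValueError:
            continue  # first field is not an IP address; not a hosts entry
        yield lineno, address, [n.lower() for n in names]


def find_overrides(text, domains):
    """Return {hostname: [(line_number, address, kind), ...]} for every name
    in `domains` (or any subdomain of one) that the file maps.

    kind is "sinkhole" for a loopback/unspecified address (the block pattern
    the article describes) and "redirect" for anything else.
    """
    wanted = tuple(d.lower().lstrip(".") for d in domains)
    suffixes = tuple("." + d for d in wanted)
    hits = {}
    for lineno, address, names in parse_hosts(text):
        for name in names:
            if name in wanted or name.endswith(suffixes):
                kind = "sinkhole" if address in SINKHOLE_ADDRESSES else "redirect"
                hits.setdefault(name, []).append((lineno, address, kind))
    return hits


def audit_local_hosts(domains):
    """Read this machine's real hosts file and audit it."""
    path = HOSTS_PATHS["nt" if os.name == "nt" else "posix"]
    with open(path, encoding="utf-8", errors="replace") as fh:
        return find_overrides(fh.read(), domains)


# Constructed sample hosts file used only for the demonstration.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1       localhost
::1             localhost
0.0.0.0         youtube.com www.youtube.com   # added by IT
127.0.0.1       facebook.com
203.0.113.9     m.youtube.com
notanaddress    youtube.com
"""

if __name__ == "__main__":
    for host, entries in sorted(find_overrides(SAMPLE_HOSTS, ["youtube.com"]).items()):
        for lineno, address, kind in entries:
            print(f"line {lineno}: {host} -> {address} ({kind})")
```

Run against the sample, the script reports youtube.com and www.youtube.com as sinkholed on line 4 and m.youtube.com as redirected to 203.0.113.9 on line 6; the malformed last line is ignored. `audit_local_hosts(["youtube.com"])` does the same against the real file for the current OS.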

Method #3: Check Website Blocker Browser Add-on and Remove it to Access YouTube

All modern web browsers like Chrome, Firefox and Opera support extensions. Extensions such as site blockers can block any website. School and office computers use Chrome, Safari or Firefox as their default web browser. So first check whether any extension is blocking access to YouTube. Just remove the add-on to open YouTube at schools and workplaces.

Method #4: Access YouTube Using IP Address


Every website has its own IP address, and YouTube has its own. To find YouTube's actual IP address, run the command ping www.youtube.com -t. Then, instead of youtube.com, enter the IP address directly in the browser's URL field to open YouTube videos. You can also visit the URL below to get YouTube's original IP.

http://www.yougetsignal.com/tools/web-sites-on-web-server/

Method #5: Use Hola Service

Hola is a very popular proxy service that can be used to access YouTube videos. Hola works like a charm because it fakes your IP to unblock the website at your end. As a Google Chrome user, you can install the Hola Chrome extension in your browser to unblock any website, including YouTube. If you are a Windows user, you can install the Hola application instead to access YouTube videos.

Method #6: Unblock YouTube Website with Secure Proxy


The best solution is to use a free proxy service so that you can access YouTube at your office. Many free proxy websites can be used for this purpose. I have already described how to unblock the Facebook site using a proxy in another post, and here is the list of proxies for unblocking. Try these proxies; if they do not work, try the alternatives. Below is my list of free proxy servers for unblocking YouTube.

  • https://www.proxfree.com/youtube-proxy.php
  • https://www.zalmos.com/
  • https://unblockvideos.com/

Proxfree is the most compatible YouTube proxy site. This website can bypass country-specific YouTube blocks.

The Zalmos web proxy is very reliable, mainly for mobile and tablet users, for avoiding the YouTube restriction.


Method #7: Use VPN (Virtual Private Network) to Get YouTube Access

Using a VPN is the perfect solution for unblocking access to YouTube in restricted places. It uses virtual private networks all over the world. When you use a VPN you are connected virtually, so you access YouTube as if from elsewhere rather than with your original IP. There is a lot of VPN software, free and otherwise, on the market. You can use any one from the list below:

  • Hotspot Shield
  • Air VPN
  • VyprVPN
  • ExpressVPN

Method #8: Use an HTTPS Connection

Sometimes a web admin manually types the URL to blacklist a website. If he forgets to block both the HTTP and HTTPS versions, you can access YouTube by putting the secure HTTPS scheme at the beginning of YouTube's URL instead of HTTP, provided he has only forgotten to block the secure one. This is a very simple trick, and in some cases it works like a charm.
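The weakness this method relies on is a filter keyed on the literal URL string, which only matches the exact spelling the admin typed. The example below is added here and is not code from the article: it places that weak rule beside the corrected one, which extracts the host from any URL and applies the policy regardless of scheme, port or path. The blocklist entries and test URLs are constructed for the demonstration.

```python
"""Scheme-agnostic URL filtering: the failure mode behind Method #8.

Added example, not from the article.  A rule for "http://www.youtube.com"
written as a literal prefix lets "https://www.youtube.com" through; a rule
keyed on the host (and its subdomains) covers both schemes at once.
"""
from urllib.parse import urlsplit

# Constructed policy: what a hand-typed blocklist often looks like.
LITERAL_BLOCKLIST = ["http://www.youtube.com", "http://facebook.com"]


def naive_blocked(url, blocklist=LITERAL_BLOCKLIST):
    """The weak rule: block only if the URL starts with a listed string."""
    return any(url.lower().startswith(entry.lower()) for entry in blocklist)


def blocked_hosts_from(blocklist):
    """Derive the host-level policy from a literal list: drop scheme, port,
    path and the leading 'www.' so that one entry covers the whole site."""
    hosts = set()
    for entry in blocklist:
        # urlsplit needs a scheme or a leading '//' to recognise the host.
        host = urlsplit(entry if "://" in entry else "//" + entry).hostname or ""
        host = host.lower()
        if host.startswith("www."):
            host = host[4:]
        if host:
            hosts.add(host)
    return hosts


def host_blocked(url, blocklist=LITERAL_BLOCKLIST):
    """The corrected rule: block by host, whatever the scheme, port or path."""
    blocked = blocked_hosts_from(blocklist)
    host = (urlsplit(url).hostname or "").lower()
    if not host:
        return False
    # Exact host or any subdomain; a look-alike such as youtube.com.example.net
    # does not end with ".youtube.com" and is not matched.
    return host in blocked or any(host.endswith("." + b) for b in blocked)


if __name__ == "__main__":
    for u in ["http://www.youtube.com/", "https://www.youtube.com/watch?v=x",
              "https://m.youtube.com:443/", "https://youtube.com.example.net/"]:
        print(f"{u:42} naive={naive_blocked(u)!s:5} host={host_blocked(u)}")
```

The naive rule blocks the plain-HTTP URL and nothing else; the host rule blocks the HTTPS, mobile and explicit-port variants while leaving the look-alike domain alone. In practice this is also why filtering at the DNS or TLS-SNI layer, where only the hostname is visible, behaves consistently across schemes.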

Method #9: Use TOR Browser to Open and Unblock Restrictions for YouTube Website

Tor Browser is nothing but proxy software that is used to access any blocked website. You need administrative permission to install the browser on your PC and integrate it with the Firefox browser. To open YouTube, just put the URL in the address bar, and that's it.

Method #10: Unblock and Browse the YouTube Website Using a Proxy Address in Your Browser


You can also get to the YouTube website by configuring a proxy address manually in your web browser. Enter a fresh, live proxy IP in your browser and open your favorite video portal directly. This is very similar to using a third-party proxy server, but with a proxy IP in your browser you do not need to open two different URLs each time you browse YouTube. How do you configure the proxy setting in your web browser to unblock the YouTube web portal?

In Chrome, navigate to the advanced settings; under the network options you will see the "Change proxy settings" option. Click it to open Internet Properties. Now navigate to Connections >> LAN settings. Tick the "Use a proxy server for your LAN" option and put the proxy server's IP address in the appropriate box.

Firefox users: open Firefox and navigate to Options >> Advanced >> Network >> Settings, choose Manual proxy configuration and enter a live, valid proxy IP. Always use port number 8080.


Click OK to save the above settings.


Method #11: Check and Fix Suspicious Program’s Activity to Open YouTube

Some web admins use various suspicious programs to block the YouTube website in their organization. You need to trace the application and stop the process to access YouTube. To find evidence of such an application, open Task Manager and look at the processes running in the background.

Method #12: Use Live Ubuntu Disk along with USB Dongle to Bypass Admin Restrictions for Unblocking YouTube

When all of the above controls in a network are very tightly secured, you can try using a live Ubuntu disk to bypass all admin restrictions and access any blocked site, including YouTube.com. You can use a dongle or create a mobile Wi-Fi hotspot and access YouTube at offices and schools.

Method #13: Can I Bypass ‘YouTube is Blocked’ Restriction Using Smartphones, Mobiles or Tablets

If you are an Android or Apple user, you can follow a few of the above methods to open the YouTube website. There are a few applications in the Android market and the Apple store for unblocking any website. You can also use the Hotspot Shield application on your mobile or tablet to play YouTube when you are in your office Wi-Fi zone.

Bottom Line:

I have discussed all the possible methods to unblock YouTube at school and at the office. All the methods are tested, but some may not work depending on the type of restriction or the filtering level applied. If you run into any difficulty, don't forget to ping me in the comment section below.

2 recommendations

2016-Jan-8 6:50 pm

to cramer

Re: AT&T Residential Gateway Bypass - True bridge mode!

Huh? Cramer, the article mentions extracting the cert as an unexplored idea, and specifically shows a way without touching or modifying the At&t box, at all.
Also, the static IPs don't matter, as the entire logic is done on layer 2. So not sure why you bash the first few lines of the article, did you read all of it?
cramer
Premium Member
join:2007-04-10
Raleigh, NC
Westell 6100
Cisco PIX 501

1 recommendation

2016-Jan-9 12:54 am

It's not entirely L2. The RG still has its own address ('street address') that allows it to continue to interact with the mothership. The other addresses are peeled away from the RG at L2. This method essentially gives two machines the same MAC and uses the L3 (IP) address to funnel traffic to the correct one. It has the advantage of allowing TV and phone to continue working uninterrupted. It's a neat approach for those with the additional netblock.
Two machines using the same MAC and IP address is a much harder nut to crack. This works with the RG's 'pass-thru' mode because all traffic is passing through the RG. It's the man-in-the-middle. It's simply NAT at that point ('identity NAT'). The RG takes what it wants and passes everything else thru -- 1:1 NAT. A 3rd party upstream of the RG has a much harder time knowing what belongs to which clone; EAPOL obviously goes to the RG, but what other things the RG doesn't initiate need to be mapped???
(My original protocol-based vlan hack bridged EAPOL only. That was for an internet-only adsl2+ business account. I ran it like that for a few weeks before I switched that NVG510 to true bridged mode, and it worked just fine for ~2yrs -- until we dumped that slow crap.)
I'm pointing out their hand-wavey dismissal of things that don't even matter to their methods. (At best it's filler, at worst search engine clickbait.) They don't need the certificate(s) because they aren't replacing the box. They don't need to do any code analysis or reverse engineering, again, because they aren't replacing the box. TR-069 is, and has been, unnecessary for internet service. (TV might; phone certainly does, as that's how it gets provisioned.)

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-18 4:18 pm

to brianlan
It's been a while since folks posted to this thread. I know Brianlan moved back to TWC. Are others still using this technique to bypass the RG for the two week period?
I don't mind starting a new thread about that for folks currently running the bypass. I'm asking because our Gigapower is almost ready for service. I'd like to know if this still works before I agree to a 1 year term.
kbatman
join:2016-03-23
1 edit

1 recommendation

2016-Mar-23 8:29 pm

to brianlan
I have been trying to get this to work with a Cisco SG300 and haven't had much luck. I have tried the following already:
- Set the switch's IP to 192.168.9.254 (is this consequential vs DHCP?)
- Set port 1 to VLAN 2 (untagged)
- Set port 2 to VLAN 2 (untagged)
- Set port 3 to VLAN 3 (untagged)
Disabled SLP, LLDP, CDP, EEE, and LAG on all 3 ports.
I plugged the ONT into port 1. Turned off our NVG595 (and waited). Then plugged in the NVG595 into port 2.
I get a solid red SERVICE LED and the modem says No IP Obtained. The modem is still in DHCPS from the original setup.
What settings am I missing on the switch/modem? Could someone put together a settings/steps for the Cisco SG300 series?
Thanks!

mitchell195
join:2012-03-25
Trumbull, CT

2016-Mar-23 8:43 pm

Are both ports on the switch showing up?
kbatman
join:2016-03-23

2016-Mar-23 8:46 pm

Showing up as connected? yes. I am wondering if the ONT is seeing the mac/ip of the switch itself and therefore not authenticating. I don't know how to verify this though.

mitchell195
join:2012-03-25
Trumbull, CT

2016-Mar-23 8:48 pm

Hmm, is there a layer 3 interface configured on vlan 2? The SG300 is a layer 3 switch
kbatman
join:2016-03-23

2016-Mar-23 9:02 pm

It says layer 2 operational mode. As for vlan 2 specifically, I didn't configure anything after I created the vlan.
Attached is a copy of my configuration if that helps?

2016-Mar-23 9:48 pm

to kbatman
said by kbatman:

Showing up as connected? yes. I am wondering if the ONT is seeing the mac/ip of the switch itself and therefore not authenticating. I don't know how to verify this though.

it wouldn't be 'seeing' the IP of the switch unless you have some layer three routing setup, which you should not.
the only way this would really make a difference is if AT&T is whitelisting manufacturer MAC addresses that can talk to the ONT, or, if the ONT can't handle talking to more than one MAC address (IE: it's expecting every IP to be assigned to the same MAC, which won't be the case if you're doing this switch trick)
kbatman
join:2016-03-23

2016-Mar-23 9:53 pm

Is there a way to tell?

mackey
Premium Member
join:2007-08-20

2016-Mar-23 11:13 pm

There's an almost zero chance the SG300 will work. The fact that it has the option to support STP means it's 802.1D compliant, and because it's 802.1D compliant it will drop 802.1X frames.
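mackey's point rests on a detail of the bridging standard rather than on any one switch's configuration: 802.1D reserves the group MAC addresses 01-80-C2-00-00-00 through 01-80-C2-00-00-0F for link-local control protocols and requires a compliant bridge to consume or discard frames sent to them instead of forwarding them, and 802.1X EAPOL uses the PAE group address 01-80-C2-00-00-03 from exactly that range. The script below is an added example, not code from the thread: it builds a constructed EAPOL-Start frame and an ordinary broadcast frame and shows which one a compliant bridge relays, which is what a network engineer should expect when placing any managed, standards-compliant switch between an 802.1X supplicant and its authenticator. The addresses and EtherTypes are the standard values; the frames and MAC addresses are constructed.

```python
"""Why an 802.1D-compliant bridge does not relay 802.1X.

Added example, not from the thread.  Frames addressed to the reserved
link-local group range 01-80-C2-00-00-00..0F are terminated at the bridge
port; EAPOL (EtherType 0x888E) is sent to 01-80-C2-00-00-03, so a compliant
switch ends the authentication exchange at its own port.  Disabling STP does
not change this, since STP is only one of the protocols using the range.
"""

# Link-local scope reserved by IEEE 802.1D ("Reserved addresses").
RESERVED_PREFIX = bytes.fromhex("0180c20000")
RESERVED_LOW, RESERVED_HIGH = 0x00, 0x0F

# Names for the reserved addresses that matter here.
RESERVED_NAMES = {
    0x00: "Bridge Group Address (STP/RSTP BPDUs)",
    0x02: "Slow Protocols (LACP, OAM)",
    0x03: "802.1X PAE group address (EAPOL)",
    0x0E: "802.1AB LLDP",
}

EAPOL_ETHERTYPE = 0x888E
IPV4_ETHERTYPE = 0x0800


def parse_mac(text):
    """Accept 'aa:bb:cc:dd:ee:ff' or 'aa-bb-cc-dd-ee-ff' and return 6 bytes."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes(int(p, 16) for p in parts)


def is_bridge_reserved(mac):
    """True if `mac` (6 bytes) lies in 01-80-C2-00-00-00..0F."""
    return mac[:5] == RESERVED_PREFIX and RESERVED_LOW <= mac[5] <= RESERVED_HIGH


def compliant_bridge_forwards(frame):
    """Decide what an 802.1D-compliant bridge does with an Ethernet frame.

    `frame` is raw bytes: dst(6) src(6) ethertype(2) payload.  Returns
    ("forward", reason) or ("filter", reason).
    """
    if len(frame) < 14:
        return ("filter", "runt frame")
    dst = frame[0:6]
    ethertype = int.from_bytes(frame[12:14], "big")
    if is_bridge_reserved(dst):
        name = RESERVED_NAMES.get(dst[5], "reserved link-local address")
        return ("filter", f"{name}; 802.1D forbids forwarding")
    if ethertype == EAPOL_ETHERTYPE:
        # EAPOL to a unicast destination carries no reserved address, so a
        # bridge treats it as ordinary traffic.
        return ("forward", "EAPOL to non-reserved destination")
    return ("forward", "ordinary frame")


def build_frame(dst, src, ethertype, payload=b""):
    """Assemble a minimal Ethernet II frame (constructed, not captured)."""
    return parse_mac(dst) + parse_mac(src) + ethertype.to_bytes(2, "big") + payload


# Constructed frames: an EAPOL-Start (version 1, type 1, length 0) as a
# supplicant would send it, and a plain IPv4 broadcast.  The source MAC is made up.
EAPOL_START = build_frame("01:80:c2:00:00:03", "00:11:22:33:44:55",
                          EAPOL_ETHERTYPE, bytes([1, 1, 0, 0]))
IPV4_BROADCAST = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55",
                             IPV4_ETHERTYPE, b"\x45" + b"\x00" * 19)

if __name__ == "__main__":
    for frame in (EAPOL_START, IPV4_BROADCAST):
        print(compliant_bridge_forwards(frame))
```

The EAPOL-Start is filtered with the reason "802.1X PAE group address (EAPOL); 802.1D forbids forwarding", while the IPv4 broadcast is forwarded. A repeater or a switch that does not implement the reserved-address rule relays the EAPOL frame like any other multicast, which is the difference the thread observes between managed switches and the simplest unmanaged ones.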

mitchell195
join:2012-03-25
Trumbull, CT
Juniper SRX220
Cisco Meraki MR16

2016-Mar-24 12:07 am

to kbatman
Here's my thought(Correct me if someone has tried this or finds a flaw in my logic). Use a dumb unmanaged switch, Plug Port 1 into ont, Port 2 into RG. Check to see that the RG connects up. Make sure the mac address of the RG is cloned to your preferred router with the RG's WAN IP information configured on the preferred router's wan interface.
After the configuration of the preferred router is ensured, connect a patch cable to the wan interface of your preferred router. Then quickly disconnect the RG from port 2 of the switch & connect the preferred router into port 2. The switch shouldn't notice as the mac address and ports are the same-meanwhile the link to the ont should remain up allowing traffic to pass.

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-24 12:20 am

to mackey
said by mackey:

There's an almost zero chance the SG300 will work. The fact that it has the option to support STP means it's 802.1D compliant, and because it's 802.1D compliant it will drop 802.1X frames.

So I have a TP-Link SG2424 Smart switch and thought I could use it when I can get Gigapower. Here are the specs. »www.tp-link.us/products/ ··· ications
Do you think it will work? I could get another switch but since this one does VLANS, I was hoping I wouldn't need to. AT&T subs literally just finished installing the drop hand hole boxes today in front of our houses so service should be available very soon. Gigapower Fiber is now in my front yard.
I'd like to keep using my pfSense router which is an older computer. For the price, the features of pfSense are great. I'm actually not sure if this older Core2duo can push full Gigabit with NAT. All NICs are gigabit but I haven't had it on that fast of connection to test. It's a 2007 Lenovo PC. I've got another one at work where I have gigabit so maybe I should test there. I can upgrade the router as well if needed.

mackey
Premium Member
join:2007-08-20

2016-Mar-24 1:09 am

said by http://www.tp-link.us/products/details/cat-40_TL-SG2424.html#specifications :

Standards and Protocols: .. IEEE 802.1d ..

If it is truly compliant as it claims then no, it will not work. However there is a small chance it's not completely compliant or certain config options can override it, though I wouldn't count on it.
A 3-NIC computer is probably your best bet at this point; one of the NICs can be a 10/100 USB dongle though as it's only needed for 802.1X from the otherwise unused RG.
mackey

2016-Mar-24 1:17 am

to mitchell195
said by mitchell195:

Here's my thought(Correct me if someone has tried this or finds a flaw in my logic). Use a dumb unmanaged switch, Plug Port 1 into ont, Port 2 into RG. Check to see that the RG connects up. Make sure the mac address of the RG is cloned to your preferred router with the RG's WAN IP information configured on the preferred router's wan interface. After the configuration of the preferred router is ensured, connect a patch cable to the wan interface of your preferred router. Then quickly disconnect the RG from port 2 of the switch & connect the preferred router into port 2. The switch shouldn't notice as the mac address and ports are the same-meanwhile the link to the ont should remain up allowing traffic to pass.

I thought that was discussed earlier in the thread, not sure. It should work fine but will need manual cable swapping whenever you need to re-auth.

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-24 12:03 pm

to mackey
said by mackey:

If it is truly compliant as it claims then no, it will not work. However there is a small chance it's not completely compliant or certain config options can override it, though I wouldn't count on it.
A 3-NIC computer is probably your best bet at this point; one of the NICs can be a 10/100 USB dongle though as it's only needed for 802.1X from the otherwise unused RG.

So even with any Spanning Tree settings disabled, it still won't bridge traffic at layer 2 if I just do a port based VLAN swap as untagged ports? I'm talking about just getting the bridge to work at all for the 14 days like brianlan did. Initially, I'm fine with flopping the VLANS but I didn't want to buy a GS108Ev3 if I didn't need to as I have spare ports on the SG2424. Today the Netgear switch is $34 on Newegg so it's not much money if needed.
Does the GS108Ev3 work because it doesn't have 802.1d? So you would need an almost dumb switch that has vlans but not much else?
I do have a 2 port NIC card that I can add to my pfSense box. Right now the WAN is the motherboard's Broadcom NIC and the LAN is an Intel CT desktop PCIx NIC. Works fine on my 50x5 TWC connection.
So instead of buying a switch, could you do the same VLAN swap with NICs on the pfSense router? Just long enough to bridge the RG so the ONT authenticates. I like the idea of being able to do the VLAN changes better on the switch because the config is easier and there is less to mess up.
I'd be willing to try and see if there is a way to leave the RG in place and configure to not have to do the VLAN switches as long as I can get the bypass to work in the 1st place. Thanks for your help and patience on this. I'm still learning a lot of my networking skills.
The rub with all this is that Gigapower is a year term to sign up for service. While I can 'manage' for a year if needed, it's not like being able to jump back to TWC a month later if things don't work well. I'd still like to have house wired for fiber so I will probably get Gigapower as Google is realistically more than a year away from service. My Gigapower Hand hole box from the tap to my yard got set yesterday. After inspections today or next week, they should finally hand us over to sales.

mackey
Premium Member
join:2007-08-20

2016-Mar-24 12:18 pm

said by F100:

So even with any Spanning Tree settings disabled, it still won't bridge traffic at layer 2 if I just do a port based VLAN swap as untagged ports?

Correct. Spanning Tree is just one sub-part of 802.1D; a device can be 802.1D compliant and not support Spanning Tree at all, but if it supports STP then it must be 802.1D compliant. Disabling STP does not disable 802.1D compliance.
said by F100:

Does the GS108Ev3 work because it doesn't have 802.1d? So you would need an almost dumb switch that has vlans but not much else?

Correct. The GS108E does not support STP or 802.1D.
said by F100:

I do have a 2 port NIC card that I can add to my pfSense box.

Like I said, even a USB dongle should work as a 3rd NIC as it just needs to pass 802.1X traffic.
said by F100:

While I can 'manage' for a year if needed, it's not like being able to jump back to TWC a month later if things don't work well.

I believe there is a 30-day guarantee that allows you to cancel within 30 days if you're not happy with it.

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-24 2:41 pm

Well, I may pick up a GS108E then just to have my bases covered. The one time when having something without advanced features is better. I have a little 8 port unmanaged switch and could do the physical swap. But with the VLAN config, and the correct ports forwarded, you should be able to bounce the config from outside the home LAN if you needed to renew the connection.
How many folks here are actively running this RG bypass? I'm wondering what folks are seeing with peering speeds outside this NC area. That seems to be the other issue with AT&T service when compared to TWC whose peering is not too bad.
Anyone have a Gigapower connection I can traceroute to? I was using brianlan's when he had it. Our networking director got some feedback from the folks at MCNC that run NCREN based on this traceroute. They were going to tweak the outbound policies at some point. They did say that AT&T does appear to have quite a few of their own devices in the path but latency is low.
DMS1
join:2005-04-06
Plano, TX

2016-Mar-24 3:01 pm

said by F100:

But with the VLAN config, and the correct ports forwarded, you should be able to bounce the config from outside the home LAN if you needed to renew the connection.

How come, given that it is the local side of the ONT that won't be authenticated, so nothing will be able to get in or out?
kbatman
join:2016-03-23

2016-Mar-24 3:44 pm

to mackey
Thanks for your help mackey and everyone else!
kbatman
1 edit

2016-Mar-24 4:49 pm

to mackey
I tried doing the cable swap and it didn't work. We have a Fortinet 90D and I configured it with the broadband information of the modem (which is different from the public IP information that the firewall was using from the passthrough). I wonder if there are special settings or virtual routes I need to set up since the modem's WAN information is completely different from the public IP information the router uses.
Edit: It looks like public subnet mode is enabled. I am not sure what the modem's settings should be to make this work (or if the modem's settings matter at all).
Also I am not sure how the router is supposed to route traffic to/from the WAN IP which is different from our external static IPs.
kbatman

2016-Mar-24 5:05 pm

to mitchell195
mitchell195, This is exactly what I tried. It did not work. I am not sure how it could work when the WAN IP information of the RG is different from our static IP addresses.

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-24 5:29 pm

to DMS1
said by DMS1:
said by F100:

But with the VLAN config, and the correct ports forwarded, you should be able to bounce the config from outside the home LAN if you needed to renew the connection.

How come, given that it is the local side of the ONT that won't be authenticated, so nothing will be able to get in or out?
Never mind, you are right. The ONT would lose authentication completely. I guess I was thinking if you needed to remote in and 'renew' the lease before it expired. Say on day 10 if you were going to be out of town. Have ports forwarded so you can get in with either the RG or your own router.

mackey
Premium Member
join:2007-08-20

2016-Mar-24 6:07 pm

to kbatman
said by kbatman:

I am not sure how it could work when the WAN IP information of the RG is different from our static IP addresses.

You need to set the WAN IP of your router to the WAN IP from the NVG (not your statics). at&t's router should route your statics to that IP, though I'm not positive it can do this without CWMP.
kbatman
join:2016-03-23

2016-Mar-24 6:49 pm

That is exactly what I did. Although I am not sure it will work without policy routes that allow 0.0.0.0 to/from the WAN IP. If that is the case, then with a commercial firewall I think I'll need another router with the static IP connected to the router being used as the gateway?

ATT_Pain
@sbcglobal.net

2016-Mar-25 11:51 am

Hi all,
We are considering using the procedure with the NVG595 and AT&T small business U-Verse. Our internet is crippled while the NVG595 is in place.
Our connection to the NVG595 is the direct fiber via a transceiver (per our network engineer). Would this procedure work for setup? Are people still having success with the original methodology described in the first post, i.e. successfully bypassing the NVG595 and the NAT table limitations?
Thank you.
dc81
join:2016-01-05

2016-Mar-25 1:38 pm

to brianlan
does this vlan switch method require a reboot every two weeks? Or will just switching the VLANs back for a moment restart the 2 weeks authentication?
I was looking at TP-LINK TL-SG2008 switch since it has a CLI and can setup a cron regularly to take care of this for me.

1 recommendation

2016-Mar-25 1:57 pm

said by dc81:

does this vlan switch method require a reboot every two weeks? Or will just switching the VLANs back for a moment restart the 2 weeks authentication?
I was looking at TP-LINK TL-SG2008 switch since it has a CLI and can setup a cron regularly to take care of this for me.

yes, you will have to power cycle the NVG5XX device to reauth the ONT once every 14 days for ondemand reauths. the NVG5XX tries to reauth every 24 hours otherwise.
towards the end of my service with AT&T GP, I had it down to about 30 seconds of downtime, but it was still a manual procedure that you had to be physically present to perform.

F100
join:2013-01-15
Durham, NC
Alcatel-Lucent G-010G-A
(Software) pfSense
Pace 5268AC

2016-Mar-28 2:04 pm

said by brianlan:

yes, you will have to power cycle the NVG5XX device to reauth the ONT once every 14 days for ondemand reauths. the NVG5XX tries to reauth every 24 hours otherwise.
towards the end of my service with AT&T GP, I had it down to about 30 seconds of downtime, but it was still a manual procedure that you had to be physically present to perform.

That's helpful brian. Guess the only way to force reauth on demand is power cycle of the RG.
What you have proved brian is that from a Networking perspective, it's very possible for AT&T to fix the firmware of the RG to have a true bridge mode that passes all traffic for an IP address for Internet only service. The network supports this as does the modem firmware before AT&T customizes it.
The fact that they don't do this for Small business service is what is most disturbing. Businesses like a medical practice that need HIPAA compliance need to be able to control what data is passed across their network on all ports using their own router. With the RG doing NAT on the traffic vs routing it, I'm not sure I could recommend the service to business customers unless AT&T is willing to sign off legally on security compliance. I'd like to see a third party verify that AT&T's firmware on the RG is truly compliant. This is in addition to the limited NAT tables and other issues which impact business customers.

mackey
Premium Member
join:2007-08-20

1 recommendation

2016-Mar-28 2:36 pm

No, the RG should be treated like a black box and presumed hostile, just like every other internet router. Routed vs NATted means nothing, everything sensitive hitting an ISP-controlled device should be encrypted.