Port forwarding

I just received my 4 tuner Tablo today, hooked it up and went to enable the Tablo Connect and found that it’s asking something a little unusual.  With the port forwarding configuration, rather than having the same port on both sides being open it has different ports for external versus the internal.


Is there a way to change this (there’s no obvious choices in the GUI hence coming here), given that my Comcast cable modem doesn’t allow port forwarding to be mapped to different ports, it only allows the same port on the external IP address to be punched through to an internal host.  This restriction means that Tablo Connect would not work for me, a big minus for sure.

Not sure why there would be the urge to have them mapped to different ports, given that random ports could be assigned symmetrically and then registered with some form of Tablo services server for registration on IP change to get around DHCP allocated addresses.

The Tablo’s port forwarding is quite normal.  The whole purpose is take some random external port and forward it to a common internal port.  


You may just not be in the right setup for your modem.  What model is it?  If it is a rare model that doesn’t allow port forwarding, then an alternative is to buy an off the shelf router and have it do all your home network, with the Comcast modem just used for internet access.

All of Comcast X1 enabled modems (Arris, SMC, etc.) have the same port forwarding configuration, so def no rare. Having two routers daisy chained is less than optimal. Still don’t understand why it’s necessary to have asymmetric port forwarding though.  There’s no reason why the Tablo can’t use the same designated public ports (21080-21082) as its own ports rather than the usual HTTP, HTTPS and 8887.  


Seems this isn’t that unusual ( http://community.tablotv.com/discussion/388/can-t-get-ports-open-for-tablo-connect ).

I understand why you’d think it’s common, I’ve used my fair share of routers and FW products that allow asymmetric port forwarding, but I can tell you that there a probably millions of CPE devices from cable/telcos that don’t have that capability and asking someone to pay more $ after spending $299 + $$ for HD, for a feature that contrived at best is a little bit much IMHO.

@virtualuk can you post your modem Name and Model???

Tablo Connect is a purely optional feature, so you don’t have to spend any more money if you don’t want to.  


Comcast is the culprit here, not the Tablo.  The Tablo is implementing standard port forwarding to internal HTTP ports.  


Sorry, but you’re making excuses now.  There’s no rational reason to have Tablo require asymmetric port forward… none whatsoever, and its use adds an unnecessary additional burden to utilizing one of the features it uses as a selling point.

@virtualuk - Sorry to hear you’re having trouble with Tablo Connect. As the others have stated, Tablo Connect is an optional feature and we designed it to be easily turned on via a switch within the settings screen for the massive installed base of UPNP routers.


Unfortunately some routers are not able to be programmed in this way and require additional port-forwarding work. If you need assistance with this, we’re happy to help. Please place a ticket with @TabloSupport and we’ll see what we can do for you.

issue reposted in beta forum.

I gave up after trying every possible option in my router. UPnP, port forwarding, port triggering, all sorts of combinations. It’s possible that the lack of good bandwidth and/or speed causes it to fail. 

No real biggy, but would LOVE to get it working by May when my wife travels to Scandinavia for a tour and may wish to access Tablo controls to record, etc. if nothing else.

@ShadowsPapa

The only suggestion I have is setting up a VPN server at home so devices can connect to your network and it will appear they are on the local network so they will find the Tablo just fine.

Most smartphones have a built in VPN client so it’s quite easy.

Providing you have VPN capabilities, or you have a PC you can set up a VPN server and then set up port forwarding providing that your router has VPN pass through capabilities so it doesn’t screw up the connection and… and … :confused:

Yeah, your OS has to have the ability to support being a VPN gateway, or run a VPN gateway service, then the router has to do port forwarding to the computer acting as server/VPN gateway. 
I am not running Windows Server 2008R2, otherwise that has built-in VPN capabilities like Server 2012 has. 
I run Windows 7 at home. Have not looked into the VPN gateway capabilities of W7.

VPN also has a hefty overhead cost. The packet encryption and VPN packaging means less data payload per packet, MTU often has to be adjusted down. 

I run a pair of Cisco ASA5510s functioning as VPN gateways and L-2-L gateway/head end, and a Windows 2012R2 server running NCP’s SES VPN gateway at work.
Keeping it secure is the biggest hurdle, but speed is the biggest complaint unless conditions are just right. I had to configure port forwarding and NAT in the Cisco devices to let traffic through to the NCP server and had to configure security and forwarding and routing rules in the Juniper core switches to make it all work. Wow, glad I documented all of that in detail! Recreating all that would take days if I had to start over again from scratch. 
The NCP VPN gateway server itself has 2 dozen configuration pages or screens. IKE, IPsec policies, virtual adapters, routing tables, Link profiles, domain groups, NAT, and more.
It took some doing to make the firewall work with dual NICs in that server. There was trunking to set up in the switch. Routing rules were based on “if it’s aimed at this address on these ports, send it here, otherwise discard”, ugh. 

I’m looking around and not so sure W7 supports being a VPN gateway without some 3rd party app or service. Server, yes,  7, not so sure. 

I still find it odd that the router works so well for so many other things, but Tablo still believes the ports are not open except for 443 - and it almost always shows that one green and the others red. Why that one port? It shows that one green almost as soon as you check the box, but never the others, yet they are all configured the same in the same place.
Tablo sets up UPnP in the router, but in the router logs I see one of my computers constantly configuring and accessing the router’s UPnP, but tablo does not.
It’s as if it sets it up once then never tries again to actually utilize it. The router logs all such touches to UPnP, Tablo is there but 1 single time then never again while a PC is there quite a lot. I’m really starting to look at this as more of a Tablo issue than a router issue. Netgear routers are really pretty capable and reliable in these areas.