I’d really like to be able to put the tablo into a different local subnet and still be able to connect to it without using tablo connect. I’m guessing this would be easiest by being able to connect to the tablo via a static ip address or even just being able to connect to it by knowing it’s reserved dhcp assigned address.
1 Like
Agreed, I would like this feature. I really like partitioning devices on my network and would love to have my Tablo on a separate subnet altogether.
Won’t all the devices used to watch and schedule Tablo have to be on the same subnet?
I use a static route between the nodes of my network to allow this. Your router may not have this ability.
1 Like
What ports do you forward in the static route to make it work across subnets?
All of them, or none of them if you will. It is a static route, not port forwarding.
Routing between subnets from source to viewer device only adds more complexity, and processing requirements (now the router must be involved).
For all but the most complex (and large) home networks - a single subnet really ought to be sufficient. I’d be curious why this would actually be useful/helpful?
1 Like
I agree.
I have to agree also. I have 42 devices on my reservation list and only have about 150 positions left:smiley: I will admit that I usually have to reboot the modem every month or two but that is a 10 min deal. Cheers
I certainly don’t need it. I am a IT security Pro by profession, and I have a managed network at my home. I run VLANs and everything. I don’t do it because I can, or even because it is a better solution. I do it because every once in a while I test segmentation for security, and sometimes even handle live malware on my home equipment. Sandboxing is nice.
You are right that it adds complexity and needless processing by the router. Fortunately my home network is small enough that such things really don’t matter. I do have a subnet just for the streaming stuff. My tablo and all my fire tv’s are in that subnet. The only thing that traverses the router is when I use my phone, tablet, or pc to view.
1 Like
I agree adding support for discovery of a tablo across subnets is critical for some of us table users. I as well like to run enterprise level switching/routing equipment in my home. I also use vlan’s to separate my LAN and my WLAN segments of my network.
I also bridge to another network and router using a static route. All the firewall rules and NAT policies are in place to allow communication between subnets on any port(s) I choose. It would be nice if you can implement a bonjour like discovery of the tablo which can be used in an IP Helper policy to allow discovery over multiple subnets.
I’d like this feature too. Anyone got a workaround?
Well better late than never I guess…
Found this post about a month ago because I have an odd network design and wanted to setup a VLAN to put the Tablo in. I share access to my Quad tunner Tablo with a neighboor via a WiFi bridge as they don’t have a good way to put up an antenna.
What I have not liked is sharing my LAN with them so I wanted a way that we could share the Tablo and have a firewall between them and me. As I quickly foud out, the Tablo device wants/demands to be on the same subnet as my Roku.
After much expermentation, I finally gave up on using a seperate subnet. If there is a way to do it, I would very much like to hear about it.
Here is what I ended up doing:
Using PFsence on a computer I was not longer using, I installed a quad port Intel nic. (Plan to get a Protectli 6 port router in the near future.)
em0 (WAN interface)
em1 (My network (you can use a VLAN interface, but not needed for simple setups))
em2 (Tablo pluged in alone.)
em3 (Neighboors network)
I then bridged interfaces em1, em2, and em3 so now they act like a switch.
No ip addresses are assigned to any of the 3 physical interfaces.
You need to setup a static IP address for the bridge. In my case it was 10.0.0.1/24
The bridge and the three physical interfaces share the 10.0.0.0/24 address space.
The DHCP hands out addresses at the bridge level interface.
DHCP range is 10.0.0.10 to 10.0.0.200
I set a DHCP reservation for Tablo using it’s MAC address (sorta like a static IP).
For this setup, the “reservation/static” IP is 10.0.0.2
Under the Firewall/Rules. I added premissions at the bridge interface that then allows internet access for all the bridged interfaces. Just to be clear, the Tablo needs access to the internet and this allows for it.
Then added these rules on interface em1:
allow source 10.0.0.0/24 to destination 10.0.0.2/24 protcol TCP port 8887
allow source 10.0.0.0/24 to destination 10.0.0.2/24 protcol TCP port 80
I set no rules on em2 where the Tablo is connected. Ie. no connection starting from the Tablo can reach any devices connected via em1, or em3. You would have to add a rule if you wanted that to happen. In this case I don’t.
Then added these rules on interface em3:
allow source 10.0.0.0/24 to destination 10.0.0.2/24 protcol TCP port 8887
allow source 10.0.0.0/24 to destination 10.0.0.2/24 protcol TCP port 80
The result of this is that my network, and neighboors network both have access to the Tablo and Internet.
I can’t ping/access anything on their network (em3), and they can’t ping/access my network (em1).
The reason this works is that PFsence has firewall rule capabilities between the network interfaces that make up the bridge/switch.
I am not going to claim this is the best way to “share/isolate” a Tablo, it just worked for me.
Had you looked into a distribution splitter the installed antenna? If you have a good strong signal, despite rumors, splitters, especially amplified ones won’t degrade quality. No network security issues 
Your solution implies that I would want to use a second Tablo for them and put that in a subnet or VLAN for them. That is a valid argument, however since I had already had the quad and it has proven to be enough for all parties connected, I didn’t want to spend the extra $$ for a new device, USB drive and guide subscription when I already had the parts available build PFsense router. I also wanted to “isolate” the Tablo along with other IOT devices because I am just one of those tin foil hat kind of guys. 
This is not something I would expect the typical Tablo user would want to do. That said, for someone with an interest in PFsense, this should jump start their efforts.
I got that inference from this implication in your post:
Suggesting if there were a “good way to put up an antenna” this wouldn’t be necessary? Further:
Inferring this is not what you truly want?
I too have foil hats. With all the data mining, not your IP is shared across households – in an unrealistic event someone got into your network… what would they actually do? that you don’t have secured? Or find out? that you don’t already know? Being afraid just because “they tell you” is like …being afraid of being afraid.
A secured network, quality devices and above all not using default setting and user/password can accomplish more than you’d think.
Set up a static route if your router supports it.