Tablo Connect not working from IT Controlled PC

Hello,

I work for a large corporation, who loves to lock down their corporate PCs. There’s all kinds of antivirus stuff and firewalls and policies and blah blah blah on my notebook PC, which is somewhat IT controlled by my company. I am sure I am not alone here.

I can bring my corporate PC home, and put it on my home network without issue. This is commonplace, and I do it every day. When I do, I can see my network, my printers, etc. It gets assigned an IP address via DHCP from my router, and it looks and acts just like all my other equipment.

I cannot complete the first basic step of “pairing” this PC with my Tablo because when I navigate to my.tablotv.com, the computer can NEVER find my Tablo. I do not have this issue with any other PC or device I own. Just this one PC.

Can anyone think of why the my.tablotv.com redirection method can be failing on just this one PC? If I can’t get past this step, I’ll never be able to watch my Tablo remotely while I am travelling. This is a notebook PC running Windows 10 RS2, and I am trying to connect via Chrome browser. I tried MS Edge as well, and I get the same failure to find my Tablo device there.

Thanks!

Do you have a VPN to your office that is connected while you are trying to make the initial connection to your Tablo?

Edit: another thought…If you enter the IP of your Tablo in the browser, do you get the “Nuvyyo Tablo Server”.

Exactly my thought.

I am trying this Tablo connection on my home network prior to any VPN connection being established. So that is not currently blocking me or altering the IP.

And I did test the Tablo IP in the browser directly, and I did get the Nuvyyo message you show. It has a fixed IP address on my home network and that is what my router redirects the external ports to. I can see and use the Tablo from my Android phone when my phone is on the cell network only (WiFi disabled) so I am pretty sure my network routing stuff is working as it should.

I can only assume that the my.tablotv.com site receives my home internet’s IP address (as defined by my internet service) when I try to connect to it from my home network. It’s not uncommon for browsers to be able to pass this, or websites to be able to detect this. I can only assume that this passing of my IP address from my corporate computer is what is not working, due to some local setting on my PC.

Thanks

Are you allowed to install any software on this laptop? If so and you have access to the Windows Store, try installing the Tablo app and see if you can a connection that way.

OK - I was unaware of an actual app for PC. Thanks. Everything I found so far said “use your browser.”

I do have a new datapoint that is probably the cause of my Tablo Connect failure. On any PC, I can open Google’s website and type “What is my IP address” and it returns what it sees. On my home PCs, Google returns my proper home IP address. Tablo connect is working on these machines. On my corporate PC, Google returns an IP that is different (yet I am NOT VPNing). I don’t know why or how this corporate PC is masking or altering the IP address it presents when I am browsing.

I’ll see if they let me into the Microsoft Store. I do wonder though if the problem will persist there, if the app from the store uses the same mechanism to look for my Tablo.

Thanks

OK - Got the app - it fails too on the corporate PC. It does not work around the false IP being seen/sent.

You could open a cmd prompt and run ipconfig/ all. This should list all of the adapter connections. May help to identify what is running and giving you the mystery IP.

I think I am on to the source of the issue.

Cisco AnyConnect Web Security is a forced app on my computer. It has a proxy setting that I cannot seem to disable. It looks like all web traffic is being sent through this proxy before going out. I tried killing the Web Security process, but when I did, my browsers would not work at all. I was able to select a different proxy site, and the reported IP address changed. So I now know where the strange IP address is coming from, but I have not found a temporary way to get around it yet.

Dang IT people…

At this point it’s probably best to either talk to your IT department and see if they will help you out. Or stick to your personal devices for Tablo viewing. Going further to try and bypass what has been put in place would probably be breaking some company policies. No point in getting in trouble over a few shows.

Last note for the Tablo Developers:

I can watch Netflix no problem. Hulu no problem. I just connect to their websites, login, and watch my shows.

The only reason I can’t use Tablo now is because of the forced proxy masking my real IP address. If Tablo would let me log into the TabloTV site, and then redirect me to my Tablo at home, I wouldn’t have any issue remotely connecting to my Tablo unit. Or if I could simply force the browser to my home IP or force the Tablo App to my home IP I could workaround this proxy problem. My company isn’t preventing me from using the PC for personal use - it is simply putting a proxy protection in place that breaks the Tablo Connect processes as they are defined.

Ever thought about hacking your Window? It’s pretty easy to become administrator on Windows if you have physical access to the machine. Then you can get rid of the Cisco thing… now, you might have to (afterwards) get your IT folks to put it all back into place (they usually just break-fix)…

Something to consider. If I were “there”, I’d show you how easy it is.

And I’ve hacked through Cisco’s (and pretty much anyone’s) VPN… they’re just software. So pretty easy to get around (but a bit more of the “advanced class” vs. taking over a Windows box).

If you’re in the DFW area… let me know.

It sounds like they are using a “white-listing” service through Cisco or another provider. These are becoming more common in the corporate world. Since the Windows clients (apps or browser address) need to contact the “mothership” at Tablo HQ, if the address is NOT on the white-list of approved sites, you are blocked.

While it’s possible you MAY be able to convince your IT gods and goddesses to add this address to the approved list, as they have for Netflix and Hulu, you will probably need to convince them to also “white-list” your home IP address, as the actual traffic is moved from the Tablo in your home.

If you’ve got any “in” with IT, I would suggest you describe / demonstrate the Tablo solution to them, perhaps over a beverage of their choosing. Sometimes, people just need some help to see the light…

I work IT at a company, and I can tell you we don’t “love” locking down PC’s

FYI - this is a fireable offense at my company. Prceede with caution. I suggest you call the help desk and ask about white listing the tablo domain. IT can be more reasonable than you may think.

I agree with the others, it’s not worth the risk of doing in today’s corporate environments.

Having said that, this is another scenario where an authentication method similar to Plex would be appropriate, assuming the Plex website itself isn’t blocked by your company. Just saying…

In IT myself, which is why I suggested going to your company’s IT department. You know better than any of us how strict your your company is when it comes to allowing access to non-company related things.

In my environment, I have things locked down. But I am open to allow access to various things. If a user brought this situation up to me, not only would I allow it, it would peek my interest. A user who goes the route of break first, ask forgiveness later is a problem for me. I’d fix what was broken. Right or wrong, the trouble caused by this along with my mood at that moment would determine if I’d fix it where you wouldn’t be able to access it again.

As another point of reference. I have a similar situation. I actually work from home, but my Laptop is owned and administered by my company. I don’t have full admin access to the PC, but I can change most settings and I can install programs and updates as needed.

For years we used a normal VPN system. When I needed access to work folders or network drives or sites / systems housed internal, I would just connect via VPN … If I wanted to play on the web or watch videos or Tablo, I would just disconnect the VPN (After hours of course).

About 6 months ago, they changed our connection from a standard connect / disconnect VPN to what they labeled as an “always on VPN”. Its really more of a proxy server system but the end effect is that I am always bouncing through their servers…

Luckily, since it was once a normal VPN and could be disabled, The Tablo had its chance to do the local authentication for Tablo connect. So today, with this new version, I can still access my Tablo… BUT, it uses Tablo connect the entire time. Even though I am sitting in my house, connecting directly to my personal router, The Tablo acts as if I am remote…

Whats really strange is that I have other things on my local network. A network printer, a couple media servers, etc. I can still see and use those without issue. I can ping the Tablo locally and get a response as well.

But using the Tablo web sites, and I am remote access / Tablo connect again.

It appears to have something to do with how the Tablo identifies my location. Evidently, as my browser goes out to pull back the Tablo screens, the Tablo identifies that I am pulling down the interface from a different location than local, so it sets up remote access.

I fear the possibility of me losing the Tablo connect authentication, as, like you OP, I doubt I will be able to get authenticated again since Tablo sees me as remote as the PC tunnels me to the remote proxy servers first.

But anyone, and I mean anyone, can hack Windows. Just saying. Firing someone for something that anyone could do? Just seems wrong. Maybe I need to talk to the IT staff (for their education).

good luck

Just because anyone CAN do something, does not mean that it is PERMISSIBLE on equipment that is company property.

If visiting website “X” on company hardware is against policy, and you do so anyway, then whatever policy has dictated as the penalty would then apply…
I would most definitely get IT approval/ support for making this happen the right way…