Thoughts on putting Tablo as DMZ

Curiosity question … seems an option for ensuring Remote Access stays working may be to designate the Tablo as a DMZ host on my network. Early testing shows that it works, but how risky is that, since the Tablo is a ‘single function’ type of unit?

I can’t wait for all the tech gurus to chime in on this thread lol

Just don’t do it.

Work with Tablo Support directly to get manual port forwarding working if you must.


Well I guesss if you are not concerned about LAN security.

But most users get a little freaked out when they look at their routers logs and see all the foreign based bots attempting to connect to various known ports. And port 80 is usually high on the list.

Not to mention port 23 telnet.

I thought they were asking how risky it was, because they were concerned about LAN security.

I wouldn’t have thought “most users” would even know how to access router logs much less realize there was a foreign based bot attempting to connect, I guess that was just some users.

I thought implying the negative of being not concerned about LAN security if using DMZ is implying there is a potential issue. And that a user should investigate what might happen.

Of course most router documentation usually has big red flags around DMZ usage. And most router documentation talks about router firewall software, DoS, etc. The fact that a router might have that software could lead a user to think that something out in the wild of the internet might just try to poke their IP address.

But that’s just me.

TLDR: Don’t

What most routers call a DMZ is not truly one. A true DMZ has a firewall between it and the internet and a second between it and the internal network. On a home router DMZ just means all ports are open to that device. It is more of a big old hole in your protection than a DMZ.

In the specific case of the Tablo the 2 remote ports are specifically designed by the manufacturer to be secure on the internet. The rest of the open ports on the Tablo are not necessarily secure and are designed for internal trusted connections. By putting it in the router’s DMZ you open all those ports to the internet.
At best an external hacker could access your Tablo and change some settings. At worst, they could find an exploit that works on the Tablo’s OS and then have malicious software running on it. Since the Tablo is on your inside network anything a hacker could get running on it would potentially have access to every device on your home network.