Bright Box 2 Wireless Router - firewall features

The Bright Box router's firewall is enabled to help protect your computer and devices. It does allow all outgoing traffic from devices connected to your router.

This article explains the key features of your Bright Box router's firewall.

If you're interested in setting up port forwarding or port triggering you'll find more help in one of the articles below:

View firewall settings

To view firewall settings from a computer connected to your Bright Box 2:

  1. Go to 192.168.1.1 (opens in a new tab or window)

    Enter 192.168.1.1 into browser address bar

  2. The router's LOGIN SCREEN will open

    Router's admin pages

  3. Enter the username and password for the admin pages

    - The username is admin (all lower case)
    - The password can be found on a sticker on the bottom of your router

    Bright Box 2 sticker

  4. Select LOGIN

    Enter the username and password for the router's admin pages

  5. The STATUS page will open

    status page

  6. Select ADVANCED from the menu and click ACCEPT

    Select ADVANCED and then choose ACCEPT

  7. Select Firewall in the left hand menu

    Firewall menu option selected

From here, you can check and change the settings for your firewall.

Enable/Disable the firewall

By default, the firewall on the router is enabled. If you want to disable the firewall as a test (for example to see if the problem with an internet application is caused by the router's firewall) follow the steps below:

  1. Log in to the Bright Box 2 admin pages and navigate to the Firewall menu in ADVANCED
  2. Select Disable in Firewall features
  3. Click SAVE SETTINGS

    Disable option selected - SAVE SETTINGS highlighted

  4. Settings will be applied
    Applying changes

To enable the firewall at the end of your test, simply reverse the instructions, selecting the Enable option.
 

Set up Access Control

Access control on the Bright Box router helps you to control what your internet connection is used for by people connected to your home network. Rules can be put in place for every computer and device connected to your home network, or for a specific computer. You can select from a list of commonly used applications, (e.g. web pages, outgoing mail, or FTP) or specify your own service based on the port the application uses.

We'll use blocking all web sites as an example, however you adapt the instructions.

  1. If you want to create a rule for one or a couple of devices, reserve an IP address first.
  2. Log in to the Bright Box 2 admin pages and navigate to the Firewall menu in ADVANCED
  3. In the Firewall menu, select Access Control




  4. Select Add Device Filtering Rule

    WWW blocked

  5. Give your rule a name - in the example below our rule is called Block Websites
  6. In the Client Device IP Address field, enter either:

    - One IP address, e.g. 17~17
    - A range of IP address e.g. 17~24
    - For all devices connected to your router e.g. 2~254

  7. In Client Device Service you'll find a list of services you can restrict traffic for - in the example below, we've selected Blocking in the WWW field



  8. You can also restrict traffic to both TCP and UDP ports - one for expert users
  9. Scroll to the bottom of the page
  10. In the Scheduling Rule menu, select ALWAYS BLOCKING
  11. Click SAVE SETTINGS to add the rule


    Select 'Always Blocking'


  12. Settings will be applied
    Applying changes

  13. Your rule will be displayed
  14. If this is the first rule you've created, select Enable in Filtering function and SAVE SETTINGS



  15. Your settings rule will be applied
    Applying changes

  16. You can select to Edit, or Delete your rule at any time, for example if you wish to restore access, or add more devices to the list
     

URL blocking

URL blocking on the Bright Box router allows you to restrict up to 30 websites from being accessed by either all computers, or specific computers or devices on your home network.

The example below shows how you would block a particular computer from viewing a particular website, for example www.example.com.

  1. Start by reserving an IP address for the devices you want to block from viewing specific websites
  2. Now, from the admin pages, navigate to the Firewall menu in ADVANCED
  3. Select URL Blocking

    URL Blocking menu highlighted

  4. Enter the URL of the web address you wish to block, e.g. www.example.com, or just a key word out of the URL, e.g. example

    example.com entered into Site 1 field

  5. You can block up to 30 sites, or key words.
  6. Scroll to the bottom of the page, and click SAVE SETTINGS


    SAVE SETTINGS button highlighted

  7. Your changes will be applied

    Applying changes

  8. Next, select Access Control In the Firewall menu

    Access Control highlighted in the Firewall menu

  9. Select Add Device Filtering Rule

    WWW blocked

  10. Give your rule a name - in the example below, our rule is called URL Blocking
  11. In the Client Device IP Address field, enter either:

    - One IP address, e.g. 17~17
    - A range of IP address e.g. 17~24
    - For all devices connected to your router e.g. 2~254

  12. In Client Device Service select Blocking in the WWW with URL blocking - this will block the addresses you entered in your URL blocking list



  13. Scroll to the bottom of the page
  14. In the Scheduling Rule menu, select ALWAYS BLOCKING
  15. Click SAVE SETTINGS to add the rule


    Select 'Always Blocking'

  16. Settings will be applied
    Applying changes

  17. Your rule will be displayed

    ACCESS CONTROL - FILTERING TABLE with rules listed

  18. If this is the first rule you've created, select Enable in Filtering function and SAVE SETTINGS



  19. Your settings rule will be applied
    Applying changes

  20. You can select to Edit, or Delete your rule at any time, for example if you wish to add or remove websites (URLs) to your list.

Note: we don't recommend this as a complete parental control solution. Instead you may be interested in our Norton™ Family offer.
 

Add a Scheduled Rule

If you want to restrict internet traffic at particular times of the day (or night), you can create your own scheduled rule to use within Access Control.

In this example, we're going to set up a scheduled rule to block all internet traffic between the hours of 9pm to midnight.

  1. Start by reserving an IP address for the computer or computers you wish to restrict internet traffic for
  2. Now, from the admin pages, navigate to the Firewall menu in ADVANCED
  3. Select Schedule Rule

    Schedule Rule highlighted in the Firewall menu

  4. From the schedule rule page, select Add Schedule Rule


    Add scheduled rule highlighted

  5. Enter a name and comment for the rule - in the example below we've called our rule Block 21-23.59
  6. In the Active Time Period field, enter a time for the rule - in the example below we want the rule to be active every day between the hours of 21:00 and 23:59
  7. Click SAVE SETTINGS

    Schedule Rule page - example name and times entered

  8. The scheduled rule will be saved
    Applying changes

  9. Your rule will be displayed

    Schedule rule - IP address examples

  10. Next, select Access Control

    Access Control highlighted in the Firewall menu

  11. Give your rule a name - in the example below our rule is called block 21-23.59

    Rule Description and Client IP Address range entered on Device Filtering Rule page

  12. Scroll to the bottom of the page
  13. Click to tick the TCP and UDP options under Block


    Block selected in the TCP and UDP menu


  14. In the Scheduling Rule menu select your rule - in the example below this is Block 21-23.59
  15. Click SAVE SETTINGS

    Block 21-23-59 rule selected

  16. Your rule will be saved
    Applying changes

  17. If this is the first rule you've created, select Enable in Filtering function and SAVE SETTINGS


    Enable Filtering function highlighted

  18. Your settings rule will be applied
    Applying changes

 

Manage Intrusion Detection

If you want to disable a specific feature of the Bright Box router's firewall as a test (for example to see if the problem with an internet application is caused by the router's firewall) follow the steps below:

  1. Log in to the Bright Box 2 admin pages and navigate to the Firewall menu in ADVANCED
  2. Select Intrusion Detection
  3. From here you can select to Enable or Disable the firewall

    Intrusion Detection highlighted in the Firewall menu

  4. You can also select to disable any of the specific firewall features below

    - TCP Connection
    - UDP Session
    - FTP Service
    - H.323 Service
    - TFTP Service
    - SIP Service
    - RTSP Service
    - L2TP Service
    - PPTP Service
    - IPSec Service

  5. By default all ping attempts to your WAN are discarded, however you can also select to disable this

    Intrusion Detection Feature section

  6. Once you've made your required changes, click SAVE SETTINGS

    Intrusion detection page
  7. The changes you've made to your firewall will be saved

    Applying changes

 

Set up MAC filtering

As an added security feature, you can enable the MAC filter on your Bright Box router. This means that only computers or devices with a MAC address that you approve can use your internet connection.

To do this, follow the steps below:

  1. Log in to the Bright Box 2 admin pages and navigate to the Firewall menu in ADVANCED
  2. Select MAC Filter

    MAC filter menu selected

  3. Next to MAC Address Control select Enable

    Enable MAC Address Control

  4. Enter the MAC address(s) of the computer(s) or device(s) you wish to allow access to
  5. The easiest way to do this is to scroll to the bottom of the MAC filter page, locate your device in the DHCP client list, and select Copy To - this will automatically insert your MAC address into the chosen field


    Locate your device's MAC address in the DHCP Client List, and select COPY TO

  6. Alternatively, you can type the MAC address of the computer or device that you wish to allow access into the MAC address field




  7. Once you've entered all the required MAC addresses click SAVE SETTINGS



  8. The changes you've made will be saved

    Applying changes

 

Note: If you experience problems connecting to your router after changing settings, you may need to reset your router to factory default settings.
 

Add a computer to the DMZ

If you think your Bright Box router is stopping a particular application (e.g. an online game or video conferencing) from working correctly, you can temporarily add the computer or device into the Demilitarized Zone (DMZ) as a test. While this is safer than completely disabling your firewall, we suggest that you don't leave your computer unprotected in the DMZ.

Before adding your computer to the DMZ, you'll need to reserve an IP address for your computer (or device). You can do this from the DHCP option in the ADVANCED menu. You'll find more help in the article reserving an IP address.

To add the computer to the DMZ:

  1. From your router's admin pages, navigate to the Firewall menu in ADVANCED
  2. Select DMZ

    DMZ highlighted in the Firewall menu

  3. In the Enable DMZ select Enable
  4. Enter the IP address for the computer that you wish to add to the DMZ - in the example below we reserved the IP address 192.168.1.17
  5. Click SAVE SETTINGS

    DMZ page - Enable highlighted

  6. The changes you've made will be saved
    Applying changes

Was this article helpful?

Thank you.

Thank you.

Thank you.

Thank you.

Thank you, now you can press any tab to choose why this article is not helpful.

Your response was sent. Thank you.

Getting the most from EE

Services and offers we have for you