Bright Box router - firewall features


The Bright Box router's firewall is enabled to protect against external intrusion. However it does allow all outgoing traffic from devices connected to your router.

This article explains the key features of the Bright Box router's firewall.

If you're interested in setting up port forwarding or port triggering you'll find more help in one of the articles below:

View firewall settings

To view firewall settings from a computer connected to your Bright Box router:

  1. Go to 192.168.1.1
    Enter 192.168.1.1 into browser address bar

  2. The router's login screen will open

    Router's admin pages

  3. Enter the username and password for the admin pages

    - The username is admin
    - You'll find the password printed on a sticker on the bottom of the router next to admin password

  4. Click Login
    enter the username and password for the router's admin pages
  5. The Status page will open

    status page
  6. Click on the Advanced Set-Up tab
  7. You'll be prompted to proceed with caution - click Accept

    Click accept

  8. Select Firewall in the left hand menu

    Firewall menu option selected

 

From here, you can check and change the settings for your firewall.

Enable / Disable the firewall

By default, the firewall on the router is enabled. If you want to disable the firewall as a test (for example to see if the problem with an internet application is caused by the router's firewall) follow the steps below:

  1. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this above
  2. Select Disable in Firewall Features
  3. Click Save Settings

    Select Disable

  4. Settings will be applied

    Applying changes - please wait.

To enable the firewall at the end of your test, simply reverse the instructions, selecting the Enable option.
 

Set up Access Control

Access control on the Bright Box router helps you to control what your internet connection is used for by people connected to your home network. Rules can be put in place for every computer and device connected to your home network, or for a specific computer. You can select from a list of commonly used applications, (e.g. web pages, outgoing mail, or FTP) or specify your own service based on the port the application uses.

Before setting up Access Control, it's a good idea to reserve an IP address for your computer (or device). You can do this from the DHCP option in Advanced Set-up. You'll find more help in the article reserving an IP address.

Once complete, the example below shows how you would block a particular computer from viewing websites.

  1. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this above
  2. Select Access Control

    access control selected from firewall menu

  3. Give your rule a name - in the example below our rule is called Block websites
  4. In the Client Device IP Address field, enter the IP address of the computer or device you wish to block from viewing web pages. In the example below, IP address 192.168.1.17 has been used
  5. In the list of services, click to tick WWW to block web pages

    WWW blocked

  6. Scroll to the bottom of the page
  7. In the Scheduling Rule menu, select Always Blocking
  8. Click Save Settings to apply the rule

    Select 'Always Blocking' and then OK.

  9. Settings will be applied

    Applying changes - please wait.

  10. Select to Enable the Filtering function and click Save Settings

    Access Control page - enable selected

  11. The new access control rule will be saved

    Applying changes - please wait.

  12. You can select to Edit, or Delete your rule at any time, for example if you wish to restore access, or add more users to the list
     

URL blocking

URL blocking on the Bright Box router allows you to restrict certain websites from being accessed by either all computers, or specific computers or devices on your home network.

The example below shows how you would block a particular computer from viewing a particular website, for example www.example.com.

  1. Start by reserving an IP address for the computer you wish to block from viewing specific websites
  2. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this above
  3. Select URL Blocking

    URL blocking menu highlighted


  4. Enter the URL of the web address you wish to block, e.g. www.example.com, or just a key word out of the URL, e.g. example

    example.com entered into Site 1 field

  5. You can block up to 30 sites, or key words.
  6. Scroll to the bottom of the page, and click Save Settings


    Save Settings button highlighted


  7. The URLs or key words will be saved

    Applying changes - please wait.

  8. Next, select Access Control

    access control selected from firewall menu

  9. Give your rule a name - in the example below our rule is called URL blocking
  10. In the Client Device IP Address, enter the IP address of the computer or device you wish to block from viewing web pages. In the example below device with IP address 192.168.1.17 has been used
  11. In the list of services, check to select WWW with URL blocking - this will block the URLs you've entered on the URL blocking page

    WWW blocked

  12. Scroll to the bottom of the page
  13. In the Scheduling Rule menu, select Always Blocking
  14. Click Save Settings to apply the rule

    Select 'Always Blocking' and then OK.
  15. Settings will be applied

    Applying changes - please wait.


  16. Select to Enable the Filtering function and click Save Settings

    Enable highlighted on Access Control page

  17. The new access control rule will be saved

    Applying changes - please wait.

 

Add a Scheduled Rule

If you want to restrict internet traffic at particular times of the day (or night), you can create your own scheduled rule to use when setting up Access Control.

In this example, we're going to set up a scheduled rule to block all internet traffic between the hours of 9pm to midnight.

  1. Start by reserving an IP address for the computer or computers you wish to restrict internet traffic for
  2. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this in the section above
  3. Select Schedule Rule

    Select schedule rule

  4. From the schedule rule page, select Add Schedule Rule

    Add scheduled rule highlighted

  5. Enter a name and comment for the rule - in the example below we've called our rule Block 21-23.59
  6. In the Active Time Period field, enter a time for the rule - in the example below we want the rule to be active every day between the hours of 21:00 and 23:59
  7. Click Save Settings

    OK selected

  8. The scheduled rule will be saved

    Applying changes - please wait.

  9. Your rule will be displayed

    Schedule rule - IP address examples

  10. Next, select Access Control

    access control selected from firewall menu

  11. Give your rule a name - in the example below our rule is called block 21-23.59

    Client IP Address range entered

  12. Scroll to the bottom of the page
  13. Check TCP and UDP
  14. In the Scheduling Rule menu select the name you gave to your rule - in the example below this is Block 21-23.59
  15. Click Save Settings

    Check TCP and UDP, select the name of your scheduled rule and then click OK.

  16. The access control rule will be saved

    Applying changes - please wait.

  17. Select to Enable the Filtering function and click Save Settings

    Save Settings button highlighted

  18. The new access control rule will be saved

    Applying changes - please wait.

 

Manage Intrusion Detection

If you want to disable a specific feature of the Bright Box router's firewall as a test (for example to see if the problem with an internet application is caused by the router's firewall) follow the steps below:

  1. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this above
  2. Select Intrusion Detection

    Intrusion Detection menu


  3. From here you can select to disable the firewall
  4. You can select to disable any of the specific firewall features below

    - TCP Connection
    - UDP Session
    - FTP Service
    - H.323 Service
    - TFTP Service
    - SIP Service
    - RTSP Service
    - L2TP Service
    - PPTP Service
    - IPSec Service

  5. By default all ping attempts to your WAN are discarded, however you can also select to disable this
  6. Once you've made your required changes, click Save Settings

    Intrusion detection page

  7. The changes you've made to your firewall will be saved

    Applying changes - please wait.

 

Set up MAC filtering

As an added security feature, you may like to enable the MAC filter on your Bright Box router. This means that only computers or devices with a MAC address that you approve can use your internet connection.

To do this, follow the steps below:

  1. Open the Bright Box router's admin pages and navigate to the Firewall menu - you'll find help with this above
  2. Select MAC Filter

    MAC filter menu selected


  3. Select to Enable MAC Address Control

    Enable MAC Address Control

  4. Enter the MAC address(s) of the computer(s) or device(s) you wish to allow access to
  5. The easiest way to do this is to scroll to the bottom of the MAC filter page, locate your device in the DHCP client list, and select Copy To - this will automatically insert your MAC address into the chosen field
  6. Alternatively, you can type the MAC address of the computer or device that you wish to allow access into the MAC address field

    Locate your router in the DHCP Client List, and select Copy To

  7. Once you've entered all the required MAC addresses click Save Settings

    Click Save Settings

  8. The changes you've made to your firewall will be saved

    Applying changes - please wait.

 

Note: If you experience problems connecting to your router after changing settings, you may need to reset your router to factory default settings.

Add a computer to the DMZ

If you think your Bright Box router is stopping a particular application (e.g. an online game or video conferencing) from working correctly, you can temporarily add the computer or device into the Demilitarized Zone (DMZ) as a test. While this is safer than completely disabling your firewall, we suggest that you don't leave your computer unprotected in the DMZ.

Before adding your computer to the DMZ, you'll need to reserve an IP address for your computer (or device). You can do this from the DHCP option in Advanced Set-up. You'll find more help in the article reserving an IP address.

To add the computer to the DMZ:

  1. From your Bright Box router's admin pages, navigate to the Firewall menu - you'll find help with this above
  2. Select DMZ

    dmz selected from the firewall menu

  3. Click to Enable DMZ
  4. Enter the IP address for the computer that you wish to add to the DMZ - in the example below we reserved the IP address 192.168.1.17

    DMZ page - Enable highlighted

  5. Click Save Settings

    Click Save Settings

  6. The changes you've made will be saved

    Applying changes - please wait.

Was this article helpful?

Thank you.

GETTING THE MOST FROM EE

Services and offers we have for you

New to EE? Use our get started guides

Follow our step-by-step guides to help you get up and running with EE.

Discover more with our video guides

Watch our help and support videos to get the most out of EE and your phone.

Manage your account with My EE app

Keep track of your usage, manage your add-ons or pay your bill on the move.

Join the EE Community now

See what people are saying in the EE Community - get involved or get advice.