Lab – Configure Firewall Settings Answers

Last Updated on July 28, 2020 by Admin Lab – Configure Firewall Settings Answers

Lab – Configure Firewall Settings (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.


In this lab, you will configure firewall settings to use MAC address filtering, a DMZ, and single port forwarding on a wireless router to manage the connections and traffic through the wireless router.

Background / Scenario

You recently purchased a wireless router for your home and want to configure MAC filtering to limit the number of devices connecting to the network wireless. Furthermore, you would like to allow your game console to be connected from the Internet by enabling DMZ. As an alternative to enabling DMZ, you will manually forward the specific ports for the desired games.

Answers Note: You will need to provide unique router address settings, DHCP server settings, SSID for each router in the classroom, and a router access password.

Required Resources

  •       A Windows computer with wired and wireless network cards installed
  •       Wireless router
  •       Ethernet patch cable


Part 1:  Log into the Wireless Router

Step 1:  Connect the computer to the router.

  1. Ask the Answers for the following information that is used during the lab and record the information below.

Answers Note: You will need to provide the student with the following information for the router:

IP address, subnet mask, DHCP start IP address and the maximum number of users, router password, and router name#. Where # is a different number assigned to each router.

For example:


Router Address Information:

IP address:


Subnet mask:


Router name:

Example: ITE

DHCP Server Setting Information:

Start IP address:


Maximum number of users:

Example: 50

Default Router Access:

Router Username / Password:

Example: admin / password

Assigned SSID:

Your Assigned SSID:

The Answers assigns your router’s SSID.

Note: Only use configurations assigned by the Answers.

  1. Plug in the power for the wireless router. Boot the computer and log in as an administrator.
  2. Connect the computer to one of the Ethernet ports on the wireless router with an Ethernet patch cable.

Note: If this is the first time connecting to the lab router, follow these instructions to set a network location. This will be explained later in the course.

  1. If prompted by the Set Network Location window, select Public network. Click Close to accept the network location Public.
  2. Open a command prompt and type ipconfig to determine the IP address of the default gateway, which should be the IP address of your wireless router. If it is necessary to renew the IP address, enter ipconfig /renew at the prompt.

What is the default gateway for the computer?

Answers may vary –

Step 2:  Log in to the router.

  1. Open Microsoft Edge or other web browsers. Enter the IP address of your default gateway in the Address field, and then press Enter.
  2. In the Windows Security window, enter administrative user credentials provided by your Answers.

Part 2:  Configure Firewall Settings

In this part, you will configure the firewall settings on the router. You will configure MAC filtering to control the devices that could connect to the local network wirelessly. You will also configure the DMZ and single port forwarding to allow forwarding of external traffic to a device in the local private network.

Note: The steps outlined in this part may not be the same for your router. Please refer to the manufacturer’s instruction manual for your specific router.

Step 1:  Configure MAC filtering

MAC filtering requires the router to check if the devices are allowed to connect the network. This could prevent malicious network activities from unauthorized devices. Although it is difficult to spoof the MAC address because it is hardware-encoded, determined hackers can still circumvent this security feature.

  1. The MAC filtering setting, if available, is generally associated with the advanced, wireless, security or firewall settings.
  2. Enable MAC filtering.
  3. Deny or allow access for the listed MAC addresses.
  4. Add the MAC addresses to the MAC filter list.
  5. Save the settings.

Step 2:  Configure DMZ

A wireless router can block attempts by devices from an external network, such as the internet, to connect to the devices on a private local network. If there is a need for a device to connect to devices on the local network, the DMZ can be enabled on the router. When the DMZ is enabled, all traffic originating from an external source is forwarded to a single device on the local network.

Note: When a DMZ is used to forward all the inbound traffic to a device on the local network, the local device is no longer protected by the router’s firewall.

  1. The DMZ setting, if available, is generally associated with the advanced, security, or firewall settings.
  2. Enable DMZ.
  3. Specify a range of IP address or any source IP address.
  4. Provide the IP address or MAC address of the host in the DMZ.
  5. Save the settings.

Step 3:  Single Port Forwarding

Port forwarding allows remote computers to connect to specific services on a specific device within a private local network based on the source IP address, destination TCP port number, and other characteristics of the traffic.

Depending on the router model, more than one port forwarding rule could be configured. With more than one rule configured, the order of the rule on the screen determines the order in which the packets are checked against the rules.

  1. The single port forwarding setting, if available, is generally associated with the application/game or firewall settings.
  2. Enable single port forwarding and input the desired applications, internal and external ports, protocol and IP address.
  3. Save the settings.

Reflection Question

For your router model, what are other available firewall configurations? List them and describe their functions below.

Answers will vary depending on the router model. For example, access rules or access control can control the Internet activities of the hosts in the local private network using access control policies based on IP addresses and time of day.