General Security Issue-Constant intrusion attacks from Chinese IP

Hello

 

Some modem/routers you can put into bridge mode and then attach a regular router to it also. That way you don't have a double nat.

@ delphinium  @ floplot

my setup is one work station & wired (obviously)
the only options with my ISP several years back...were the vanilla Motorola (free w $50 credit) or a 2-wire gateway for $50
the options haven't changed (info on website) other than the incarnation of the devices would be newer
I'll contact tech support for info...doubt I'll get anything for free  
thanks for the heads up re double NAT error...
supposed to have three settings 

PPP is on the modem. This is the normal mode for this modem when connected to a single computer. In this mode, the PPP session is initiated from the modem. Gateways and routers should work in this mode but their configuration may have to be changed to do so (e.g., you may need to have the gateway/router IP address changed to 192.168.1.1).
 
PPP is on the computer. This mode is normally used if you need to run a PPPoE client on your PC. This mode can be used with a gateway or router which initiates a PPPoE session. To return to the DSL modem user interface you will need to directly connect your PC to the modem without any gateway or router between the modem and the PC.
 
Bridged Mode (PPPoE is not used). This mode must be used if you are connecting to a non-PPPoE network. Selecting this mode will cause the modem to automatically restart.

May be more trouble than it's worth...I'll check....funny, China has been quiet ... (since the patch)

Hope they don't see this post :smileywink:

thanks again for your continued interest and information

Cheers

wow another thread people are way too panicky about simple -t4 port scans from one of the many Chinese botnets although i do find the HELP! Someone Is trying To Hack Into My Computer! title of the other thread funny

From DShield: https://secure.dshield.org/ipinfo.html?ip=125.45.109.166

 

THOUSANDS OF REPORTS 

since 4/27 thru today for this IP https://secure.dshield.org/ipdetails.html?ip=125.45.109.166

 

 

bjm:

 

I had a 2Wire router.  They are extremely secure and have a very effective firewall.  I never did manage to find a way to connect to an ftp site, but they are an excellent device.

@ delphinium

re > I had a 2Wire router.

My ISP will sell me their supported 2-wire gateway for $100.00

per my ISP how to support page... I use 'PPP is on the computer' to mate my ISP supported modem to a third party router.    ISP will not discuss third party devices with me... if I ever needed ISP connectivity support I would have to be setup wo a third party device.   "Don't ask em' ~ Don't tell em' bout no third party device"  :smileysurprised:

funny, China has been quiet ... (since the patch)

Hope they don't see this post :smileywink:

Hi bjm_,

 

Your setup is confusing me and there are some loose ends I cannot quite tie up.  Is your modem actually set at "PPP on the computer."  Does it connect to your PC through a router behind it, or directly?

Hi SendOfJive

re> Is your modem actually set at "PPP on the computer."

 

No, currently with just the ISP supported modem ~ my setup is "PPP on the modem"  

from what I can decipher (which ain't much) I need "PPP on the computer" to bridge to a router ....like floplot mentioned earlier ~ quote > Some modem/routers you can put into bridge mode and then attach a regular router to it also. That way you don't have a double nat. <

the info I've found at my ISP help site and Belkin site seem to agree bout bridge mode...from what I can decipher...which ain't all that much....and that's with pictures too :smileysad:

Hard to teach an old dog (woof) new tricks  :smileywink:

 

Hi bjm_,

 

I've been looking into this a bit and it is confusing.  As near as I can figure PPP on the modem has the modem acting much like a router authenticating the connection, having an internet address and doing NAT.  Bridge mode of course passes everything through to a router which handles all of the aforementioned tasks, so the modem is pretty much dumb.  Searching some forums it seems that PPP on the computer is sort of an in-between state that even folks familiar with networking cannot quite pin down with assurance.  It appears that in PPP on the computer mode the modem still retains a Local IP address (the one you used earlier to check if any NATing was going on).  The authentication is handled by the router which gets assigned the internet address from your ISP.  So in this mode the modem would not be doing any NAT and is acting more like a smart bridge than a router.

 

I started researching this because you seem to be shielded from the internet by the modem's NAT, yet in another thread you posted that Norton was reporting the same Chinese portscans that were being noted by several other people.  The modem NAT should have blocked those, I think, so there is sort of a mystery here.  If you had the modem in PPP on the computer mode it would explain everything, but since you are in PPP on the modem mode, it's back to the drawing boards.

 

Some discussions I found on the topic:

 

http://www.broadbandreports.com/forum/remark,17049953

 

http://www.dslreports.com/forum/r19596638-Motorola-2210-and-pingable-WAN-address

Hi SendOfJive

Maybe PPP on the modem will work provided I change the router IP...my only info is based on

http://www.att.com/esupport/article.jsp?sid=KB401538&cv=102&cv=746,902,102

http://www.att.com/esupport/article.jsp?sid=KB401764

 

as per ask-leo info So if your computer is connected directly to your broadband modem, and you have a "192.168." address, then your modem is acting as a NAT router.

my modem may be acting like a NAT but, the Intrusion Attempts are seen/reported/logged on my computer ...

my modem home page has PPP Location as "PPP is on the modem"

>> PPP is on the modem. This is the normal mode for this modem when connected to a single computer. In this mode, the PPP session is initiated from the modem. Gateways and routers should work in this mode but their configuration may have to be changed to do so (e.g., you may need to have the gateway/router IP address changed to 192.168.1.1). <<

The info from my ISP support page to use PPP is on computer may be wrong? 

My modem home page has three PPP Location options PPP on modem, PPP on computer and Bridge Mode   (see earlier post for three option wording)

If the ISP support pages open for you to view ~ page 1) How do I set up Home Networking and Enable Bridge Mode?  offers only two options ~ PPP is on the modem or PPP is on the computer, gateway or router  &  page 2) How do I connect a third party router to my AT&T Internet connection.   page 1 points to PPP is on computer, gateway or router and page 2 points to PPPoE for the connection type on Belkin router.
I'm probably just confusing the whole issue as my modem home page has three Location options and the support page only calls out two Location options.   The 2210-02-1002 is the same but the pics don't reflect my home page.

Now, that I've confused myself....I'll say Thanks and Good Night. 

PS ~ My last Intrusion Attempt was on the 20th a few hours before the patch...since, patch install no IA History....IDK

Cheers

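I am from China. Every country has hackers. We Chinese users get attacked by foreign hackers just the same. There are quite a few Symantec users here in China :smileywink: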

Hi bjm_,

 

The Ask-Leo advice may not be true in the case of having your modem set to PPP on the computer mode.  It appears that in that case the modem retains a local IP address for easy access, even though NAT and other gateway functions are handled by the router instead.  So if you are not using a router PPP on the modem is what you want to use, as you are.  If you install a router you will want to use PPP on the computer or bridged ethernet to avoid double NATing and other connectivity problems.  There appear to be some differences in the firmware of the Motorola 2210 depending on your specific ISP provider.  The following article at DSL Reports is for the 2210-02-1006 as supplied by AT&T Southeast, so while it may not be the exact model you have, it should give you a general idea of what is involved.  One really cool thing to look at that is mentioned in the article, AT&T provides a webpage with a modem GUI simulator, so you can practice changing the various settings before attempting the real thing.

 

http://www.dslreports.com/faq/bellsouth/3.121_Motorola_Info

Hello SendOfJive

PPP is on the modem is the default.  Based on my ipconfig IP info & ask-leo my modem is acting like a NAT... and the fact that Intrusion Attempts get to my computer suggests it's not acting like a NAT.  AT&T Southeast offers the 2210-02-1006 ~which appears to have FW and a user friendly GUI compared to mine which is pure vanilla.   Like you, I found all the info points to the 1006.  Try a search ~ AT&T Southwest Forum FAQ and zip.  The simulator is cool but, it's for the 1006.

Anyway, thanks again for your interest and all your supportive efforts... I thought of adding a router to the circuit to have a Hardware FW and to stop the Intrusion Attempts before my computer.

So, if I install a router I want to use PPP on the computer "or" bridged ethernet to avoid double NATing and other connectivity problems.   The "or" is my ?   Guess, trial and error will be my mantra.  Not fully understanding each "or"  ... and not knowing if either "or" Location is better or just a different setup to achieve the objective. 

*** PPP is on the modem. This is the normal mode for this modem when connected to a single computer. In this mode, the PPP session is initiated from the modem. Gateways and routers should work in this mode but their configuration may have to be changed to do so (e.g., you may need to have the gateway/router IP address changed to 192.168.1.1).

Reads like all I have to do is use a compatible/non-conflicting IP on the router.  IDK if that resolves the double NATing....funny, the text suggests routers should work in this mode and no hint of double NATing error.

I do read your advice >  use PPP on the computer or bridged ethernet to avoid double NATing and other connectivity problems.   Reading and comprehending ...well, that's the rub. 

My parents were Circus people and I was Home School'd.   :smileywink:

Hi bjm_,

 

Since the modem is doing the NAT chore there is no reason to install a router unless you really need one, as the primary security benefit of a router is also NAT.  I am still puzzled as to why you saw the same portscans as others were reporting.  Check your Norton firewall log to see if there are frequent portscans appearing there.  I might suggest clearing your Norton firewall history after you check it and then monitoring it closely for a while to see if you get any more portscans (other than an occasional rogue DNS reply using port 53, which is a common false positive).  If the modem is doing full NAT, you should not see any portscans.
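Added example, not part of the original thread and not Norton's code: a sketch of the history check suggested above, separating replies from source port 53 (the false positive mentioned) from other inbound probes, and testing whether the PC holds a private address as in the ask-leo heuristic. The log format, addresses, timestamps and every port except 12200 are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed events in a made-up format (not Norton's log format):
# time  proto  src_ip  src_port  dst_ip  dst_port
SAMPLE = """\
2010-05-21T10:02:11 UDP 203.0.113.53 53 192.168.1.64 49152
2010-05-21T10:15:40 TCP 198.51.100.7 6000 192.168.1.64 12200
2010-05-21T10:23:41 TCP 198.51.100.7 6000 192.168.1.64 12200
2010-05-21T10:23:42 TCP 198.51.100.7 6000 192.168.1.64 1433
"""

def parse(text):
    """Turn each well-formed line into a dict; skip anything else."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue
        ts, proto, src, sport, dst, dport = parts
        events.append({"ts": ts, "proto": proto, "src": src,
                       "sport": int(sport), "dst": dst, "dport": int(dport)})
    return events

def triage(events):
    """Split late DNS replies (UDP from port 53) from other inbound probes.

    Returns (dns_replies, {source_ip: sorted distinct destination ports}).
    """
    dns_replies, probes = [], defaultdict(set)
    for e in events:
        if e["proto"] == "UDP" and e["sport"] == 53:
            dns_replies.append(e)
        else:
            probes[e["src"]].add(e["dport"])
    return dns_replies, {src: sorted(ports) for src, ports in probes.items()}

def pc_has_private_address(events):
    """True if every logged destination is a private address such as 192.168.x.x."""
    return all(ipaddress.ip_address(e["dst"]).is_private for e in events)

if __name__ == "__main__":
    events = parse(SAMPLE)
    dns, probes = triage(events)
    print("DNS replies (likely false positives):", len(dns))
    print("Inbound probes by source:", probes)
    print("PC address is private:", pc_has_private_address(events))
```

Probes that reach a PC holding a private address are the mismatch the thread is trying to explain, so the two results are worth reading together.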

Hi SendOfJive

Had two Portscans today...China and 12200 ...they come in 8 min apart...  same traffic.  I know about Port 53 as DNS. 

re> If the modem is doing full NAT, you should not see any portscans.  Must not be full NAT cause I sees em'

ask-leo info must be generalizing and i'm the exception.

I have been monitoring the History....the 53's have taken a holiday and 12200 is OTJ

Good thing Norton doesn't get tired or skip a beat. 

Blessings upon you

   
"Had I kept silent I would have passed for a wise man."

Hi bjm_,

 

If it has been several years since you got the modem you could check with your ISP and see if the ones they currently provide use NAT (many now do, as floplot pointed out).  You might be able to swap what you have for the latest.  Or get a router.  Or let Norton handle things as it has been doing.