Frontier Communications → [DSL] Basic Modem/router/PPPoE configuration question-am I protected?

I feel incredibly dumb having to ask this, but...

I've got a Netgear DSL modem that's also a router from Frontier, plus an Apple router of my own that I want to actually do the routing.

So with DSL you log in with that PPPoE with your username and password. You can have the modem log in to PPPoE, or you can have the router log in (or if you hook a PC to the modem directly, you can do PPPoE on the PC).

In the years I've had DSL, I somehow had the idea that you had to log in to PPPoE, have that configured on your router, or else it meant the modem/router was doing the routing/NAT for your network.

Tonight by accident, I left my router configured the same as I use for Comcast, where it's set to just use Ethernet instead of the PPPoE setting, and everything worked fine for hours, when I realized "wait a minute, I never flicked this over to PPPoE".

I know this is stupid, but how do I know *MY* router is routing and not the Netgear modem/router?

Does it matter whether I'm punching in my username/password on my router, or having the Frontier modem/router log in instead?

IPCONFIG is showing my default gateway is 10.0.1.1, which I guess is probably my Airport, not the Netgear.

The Airport's settings page shows "IP Address" as my external IP address, but then also shows "Router Address" as a different IP that seems like it's a Frontier IP. What's up with that?

The Airport is also still set to "Connection Sharing: Share a public IP address", and not bridge mode, nor is it showing a double NAT situation.

So...is MY router doing the routing for sure? The Netgear is logging in to Frontier, but otherwise is just acting as a modem? Somehow I got it in my head that I had to do the logging in from MY router and not from the Netgear/Frontier router, and maybe it makes no difference?

I'm paranoid about having my own gear be the router and provide a firewall for two reasons. First, TONS of routers over the years are constantly having absurdly horrible security flaws. Second, even aside from that, I don't want my ISP to have any possibility of "seeing" inside my network. I want the only thing it can 'see' to be external Internet traffic MY router has passed on to it/received from it.

Is this set up right? Yes, I feel stupid to ask, and stupid that possibly I've spent 7 years with a configuration that wasn't needed...

You are as protected as your routers are set for. Remember one thing man made it, so man an defeat it.

Your Apple router is seeing an ethernet connection because it is connected to another router (the Netgear) that is between you and the ISP which is still PPPoE.

If you review the FAQ at the beginning of the Frontier forum you can place the Netgear in bridge mode and let your Apple route do all the routing. But you will need to setup your Apple router for PPPoE with the log-in information. Here is link:

»Unoffical Frontier FAQ

I'm embarrassed I didn't see the modem settings stuff in the FAQ! Looks like it doesn't have anything about the Netgear/Westell 7550 and bridge mode, unfortunately.

So I guess last night I must have had a double NAT situation, even though my router didn't detect it. Maybe the modem/router can give out an IP that's not in a normal reserved IP range(?)

Anyway I stumbled across some posts on other forums regarding bridging these things, and I stumbled across Verizon's instructions for the similar 7500:
»www.verizon.com/Support/ ··· 3709.htm

and those instructions mostly jive with the instructions I've seen people give.

Like I had it before, I switch it to bridge mode (not routed bridge like the Verizon instructions say). Then, what I don't remember doing before, is also configuring the "LAN" setting portion on the "Private LAN" screen, unchecking "Private LAN DHCP Server Enable", but leaving "Private LAN Enable" checked, and everything else the same.

I clicked 'apply', rebooted the modem, then on my router switched from "Ethernet" to "PPPoE" again.

The "Internet" light on my modem is lit up where it didn't used to be-not sure if that's right. I can still access the modem's configuration page when I simultaneously connect a PC directly to the modem while another port is connected to my router-not sure if that's right either.

BUT, does it seem like the router should now be doing the PPPoE login and that I should be protected behind it, that it's doing DCHP and NAT?

I like the simplicity of my cable modem's "just plug it in" method LOL

If you have the 7550 configured correctly in bridge mode you should have only the power, one of the ethernet led's and the DSL led illuminated. The PPPoE log-in credentials should be setup in your Apple router. Normally once you place the 7550 in bridge mode you will no longer be able to access the web GUI unless directly connected to it. Take another look at how you have things configured.

That's what I thought-that I shouldn't be able to access the GUI on the modem and that the "Internet" light on the modem shouldn't be lit.

I'm baffled. I've got the modem set to bridge mode (not routed bridge). I've got my router set to PPPoE. I've got the modem set to NOT do "private LAN DHCP". I'm not sure what else to do :-/

I left that "Private LAN Enable" box checked as displayed in the last picture on this page:

»www.verizon.com/support/ ··· 3735.htm

Under the "VCs" section my 7550 modem has always displayed a whole ton of entiries, including a last one that I don't know what it means (can't recall what it says without looking at the page). In Verizon's configuration picture they only show the one VC:

»www.verizon.com/cs/group ··· 4079.jpg

I don't know if I tried deleting the rest of the entries that are there by default if that would do anything? When I switch to bridge mode all but 2 show as disabled anyway.

Since you've got a 7550 it looks like (if you're still using it) I should have asked...are you using your own router too, and if so what did you have to do to configure this right?

Yes, I use the 7550 ahead of a Ubiquiti ERPOE-5 router.

Try rebooting both the modem and the router. Make sure you do not have the versaport enabled, connect your router to E2,3,or 4 as sometimes the versaport causes issue. Is your router a Frontier branded 7550?

Okay, I'll double check about Versaport. I remember seeing that setting in there but can't remember more than that.

I've always had my Ethernet cable plugged in to something other than the first port as I think some documentation or other said not to use it to configure the modem.

Yeah, this is a Frontier branded Netgear 7550, complete with a big 800-number written across it.

Make sure you have the wireless turned off.

Thanks! Yeah, that's off at least.

AAARGH. Okay, Versaport is set to just be a 4th port.

Modem had magically gone back in to connection with PPPoE mode, I switched it back to bridge mode. None the less, the web server is still running/accessible from a PC hooked directly to one of the modem's ports.

My router is still showing a "router address" that's unrelated to my public IP and to my internal network IPs, so I don't know what that means.

There's still that "Enable Private LAN" checkbox I left checked. Not sure what happens if I uncheck it.

There's still a giant pile of VC's configured, the first one back in bridge mode, the last one that "ATMLPBK" one-no idea what that does, Googling that doesn't turn up anything.

My "Internet" light on the modem is out again, and my router still says it's connecting using PPPoE, soooo maybe it's finally configured right, despite the webserver still running on the modem?

I hate these all in one modems!

Meant to say there are a ton of VCs configured by default but only those two I mentioned are active, everything else is disabled.

AARGH. I switched my router back to "Connect using Ethernet" from PPPoE as I'm going to switch back to Comcast to do some testing there, and...I'm still connected to the Internet, despite the modem supposedly being in Bridge mode, despite it's Internet light being out.

*sigh*

Take it down to the basic setup and all over with the 7550. Somewhere you are missing something. Run the 7550 setup wizard again setting it up with the PPPoE connection and the proper credentials. Then connect at PC to the 7550 and make sure your internet connection is via the 7550. You should have an address in the 192.168.254.xx range. Then change the 7550 VC1 configuration to bridge. You should no longer have a connection to the internet. Then make sure your router that you are connecting to the 7550 is setup for PPPoE with the proper log-in credentials.

I found the 7550 to be flaky. I would just spend the $25 and get a strait modem and be done with it. Save the 7550 as a backup.

Does anyone sell stand alone DSL modems? Or even a modem/router that actually works?

I'd gladly pay $25...I'd gladly pay $200 if it would fix the problem!

I searched a while back and couldn't find much...seems like TPLink maybe sells one, but I don't want to buy from them unless there's no other option.

Hmm, I did find this Actiontec thing. It's a modem/router, but at least it's not Westell/Netgear!

»www.amazon.com/Actiontec ··· sl+modem

There's a Linksys and Dlink combo modem/router too.

If anything actually works right I'll gladly try it!

Hank, I'll try to run through that again tonight if I get a chance (messing with this AND Comcast and haven't eaten yet!)

Thanks for your help! Sadly, it's a million times better than Frontier lol

I have yet to have a problem with a TP-link item. I just got a TP-Link Archer D2 all-in-one duel band modem/router and it works great so far. I have also used the pocket routers and their $9 switches with no fails yet.

Here are 2 modems.

»www.amazon.com/TD-8616-D ··· 4JSYZ2?/

»www.amazon.com/Actiontec ··· 79VGC2I/

The airport is a great router. I wouldn't replace it if i already had one. I'ed roll the dice on the TD-8616 and use that with the airport. If it sucks return it. Worse case is you are out a few days. Best case is you got the job done for 22bux.

So very true.

Just re-reading some of your post. The router that you place behind the bridged 7550 has to be setup for PPPoE, preforming the Frontier PPPoE log-in and it will pull the IP address from Frontier. However you have the LAN setup on the Airport determines the IP address issued to your PC. I know you probably know all that but just wanted to throw it out there. Make sure the wireless on the 7550 is disabled. ZyXel used to make straight modems. Not sure they still do but you can check on the their web page. Good luck.