I don't think I've ever heard a compelling argument for not doing this. I know some say it is a security issue , but why?

If your ATA is after the DSL Modem (mine is a RT31P2) and is feeding your main router (mine is a WRT54GL) isn't the router still handling traffic flow in and out or your network?

DSL Modem-->RT31P2-->WRT54GL.

Thanks
Jeff

I would think it would be fine, as long as every other device is plugged into your router, it should be behind your firewall. To me this would be the ideal situation if you're on cable internet (DHCP). It's not any different than putting the ATA in the DMZ.

Putting the ATA in the DMZ has always been a questionable practice, due to opening of possible security breaches.

Isn't putting the ATA in the DMZ just opening the ATA to the internet or does it allow other devices at risk?

Isn't putting the ATA in the DMZ just opening the ATA to the internet or does it allow other devices at risk?

Correct, it just allows the ATA to be exposed to the internet. Some newer routers limit the exposure so that's it is not true DMZ. I run my ATA behind my router since my router will forward the necessary ports automatically and still let me have my firewall enabled. In most cases, I actually think you are more secure with your ATA in front of the router and have your router firewall enabled. Most routers with an ATA behind requires the firewall on the router to be disabled. As long as the ATA has a strong password and is changed routinely (something VOIPo does do) you are not at much risk with the ATA in front of your router.

I think that it may be relative as to whether he is using the RT to provide the PPPoE or whether the Linksysys doing so and the DSL modem is simply bridged.

Some folks find the ATA/Router limiting throughput. If you're one who cares about such things, run some speed tests and see if there is any difference.

Some folks find the ATA/Router limiting throughput. If you're one who cares about such things, run some speed tests and see if there is any difference.

If you're suggesting utilizing the ATA as a router, I found that the bandwidth is impacted when it is set up like this.

I find a decent stand-alone router difficult enough to keep running properly. The bundled devices have never done too well for me, but I suppose if a person has only one PC and wants to incorporate VOIP with a bundled device, it might be OK.

If you're suggesting utilizing the ATA as a router, I found that the bandwidth is impacted when it is set up like this.


Correct. Since folks were discussing putting the ATA before or after the router, I was pointing out that putting it before could impact bandwidth.

Correct. Since folks were discussing putting the ATA before or after the router, I was pointing out that putting it before could impact bandwidth.

Bandwidth is somewhat vague. A simple environment with just a few people surfing the web? No problem. Start streaming content via Netflix, DirecTV, or other online media servers that can spit out HD content? Mix that with BitTorrent? Things will start to slow down. The issue, as I've read elsewhere, is the memory and CPU speed needed to handle the NAT table. BitTorrent especially puts high demands on NAT. If the router isn't able to keep up, things slow down.

Also figure in the reduced capabilities of the ATA-as-a-router as compared to a cheap Linksys WRT54GL running Tomato or DD-WRT. QoS on Tomato vs any ATA (or even DD-WRT)? No comparison. But is the QoS in an ATA "good enough" for many people? Sure. For me? Not a chance.

I'm having success running a WRT54GL with Tomato in front of a PAP2T. My sig has the important config settings I needed to change.

I found that my VOIPo service simply did not work when I put the ATA (RTP312) in front of the router. The service would go offline frequently. Too bad, as I would prefer it there.

I moved mine to behind the router because I felt uncomfortable with the passwords (two or more) being unique, proper, and controlled.

There's no means to to DYNDNS or equiv. This is a show stopper.

And other port forwarding and triggering capabilities are missing. The cascaded routers and double-NAT is hard to manage, for a home like mine that has 3 IP cameras, private, me-only HTTP server and FTP server.