Tim:
If you did things like SSH in from the outside world, or accept other incoming connections, then you will strike problems. Their equipment would act as a firewall. That's why people say put it into bridge mode, then it's virtually transparent.
Joe Zeff:
You should be able to tell the router to forward incoming SSH to one IP address, and set that machine to have a static IP and only get DNS from DHCP. I know, because I had my home LAN set up that way for over a decade and it worked like a charm.
If he's stuck with having to use their modem/router, and it's not good enough for his purposes and needs to use his own router, as well. Then he's got two choices for allowing incoming connections (if he even wants to do that):
1. Put their modem/router in bridge mode, where it acts as a pipe between ISP and his own router. It won't do anything to traffic going through, he can control everything on his own router.
2. Daisy chain his own router with theirs, have double NAT, have to forward things through their router, and forward things through his own router, as well. That's messy, annoying, and problematic with certain protocols.
=========
Here, in Australia, many ISPs supply you with their preconfigured modem/router, and make you pay for it upfront, or amortise it across an enforced contract period. Quite often, you don't really need their equipment, but some ISPs won't let you avoid it. Some of them, like my ISP, bastardise the thing so you only have limited control over it. And they remotely control the firmware. Ostensibly, that's so they can keep it up-to-date regarding bugs. But they also remove features that you might actually want.
I don't beleive Bob's said what particular modem/router he's been lumbered with, to see if anyone can offer some direct advice.