Officially, ATT supports "DMZ Plus" mode which should, in theory, accomplish what you wish. In fact up to around 24 months ago this worked quite well. I have my own router (handling NAT, DHCP, firewall, etc), my own Wireless APs. I turned on DMZ Plus on the ATT box, and disabled all other functions on that box (NAT, wireless, etc), and let my router manage those functions. (Single NAT only, no double-NAT)
This is all still currently officially supported (by ATT). However, recent firmware upgrades (last 24 months) on the Pace Router basically neuters this mode of operation, making it almost impossible to work. Folks seem to have better success with a Non-PACE router. But acquiring one is difficult.
I feel for Sonic here, having to really on ATT's entirely broken infrastructure. But them's the way things are currently.