Interesting problem.

I would ask your boss to let you try it your way (a way that you are sure should work) and show him the results (a working network with a firewall in place).

I don't know your setup, but in most of the offices I support we have a DSL or Cable internet box. From that we go to a firewall box (linux machine with two NIC's). From there we go to a switch and all of the winders machines have a static IP address.

The linux box can be set up for either static or DHCP on the untrusted side (the side that plugs in from the firewall to the DSL/Cable).

If you NEED a static IP, then you should be able to pay more to the provider and get it.

Good luck and keep us updated!

~Halv