Network Layout


Nombob
06-26-2003, 5:03 PM
I was wondering if anyone could give me some ideas for a network layout that I want.

Basically I want to have two branches to my network: a public branch and then a private branch. All the computers in the public branch have their own static IP address, and the private branch shares the same public IP, but its computers are given an IP from my DHCP server automatically. Also, I am thinking about making the private network wireless enabled. But the kicker for all this is that if someone in the public branch types in an IP of a computer in the private branch it will be accessible, and if someone in the private branch or public branch types in an IP in the public branch, the packets don't go over the internet, they stay within the network. Plus this all needs to be behind a firewall.

Any ideas? I mean I could even draw a picture if need be for the layout. ;)

a Bill
06-27-2003, 8:27 AM
Internet connection -> router -> firewall
-> switch -> public
\-> router -> switch -> private

It's just a subnet; the routers can deny traffic or permit traffic as you see fit. You can also have a firewall do the NAT. Any computer can do routing too, if you're into that. Most folks use separate hardware solutions, I know I do.

I'm not sure I got the direction to point out correctly in this post. The second router hangs off of the first switch.

Bah, I probably didn't describe it accurately enough anyway :)
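
The layout in the post above, modelled as an added example (not part of the thread and not any poster's own code): two routers with longest-prefix-match tables, showing that traffic between the branches is routed internally with real addresses and that NAT applies only to private traffic leaving for the Internet. The address ranges, the router names `edge` and `inner`, and placing the NAT on the second router are assumptions.

```python
import ipaddress as ip

# Constructed addressing; none of these values appear in the thread.
PUBLIC = ip.ip_network("203.0.113.0/28")     # public branch, static addresses
PRIVATE = ip.ip_network("192.168.10.0/24")   # private branch, DHCP leases
INNER_WAN = ip.ip_address("203.0.113.2")     # second router's port on the first switch
DEFAULT = ip.ip_network("0.0.0.0/0")

# Per-router tables of (prefix, next hop). "direct" = deliver on an attached
# segment, "isp" = hand to the Internet connection.
ROUTES = {
    "edge":  [(PUBLIC, "direct"), (PRIVATE, "inner"), (DEFAULT, "isp")],
    "inner": [(PRIVATE, "direct"), (PUBLIC, "direct"), (DEFAULT, "edge")],
}

def next_hop(router, dst):
    """Longest-prefix match: the most specific matching route wins."""
    matches = [(net, hop) for net, hop in ROUTES[router] if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(src, dst):
    """Return (hops, source address the destination sees)."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    if any(src in net and dst in net for net in (PUBLIC, PRIVATE)):
        return ["on-link"], str(src)           # same segment, no router involved
    router = "inner" if src in PRIVATE else "edge"   # the host's default gateway
    hops, seen = [], src
    while router in ROUTES:
        hops.append(router)
        hop = next_hop(router, dst)
        # NAT only where private traffic leaves toward the Internet; traffic
        # between the two branches is routed with its real addresses.
        if router == "inner" and hop == "edge" and src in PRIVATE:
            seen = INNER_WAN
        router = hop
    hops.append(router)
    return hops, str(seen)

if __name__ == "__main__":
    for s, d in [("203.0.113.5", "192.168.10.50"), ("192.168.10.50", "203.0.113.5"),
                 ("192.168.10.50", "198.51.100.7")]:
        print(s, "->", d, trace(s, d))
```

Removing the `PRIVATE` route from the `edge` table makes the first trace end in `isp`, which is the leak the original question wants to avoid.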

Mntsnow
06-27-2003, 9:49 AM
Maybe something like this (http://www.xtremepccentral.com/gallery//showphoto.php?photo=376&password=&sort=1&cat=3007&page=1)?

:)

a Bill
06-28-2003, 8:15 AM
This is just from my perspective, but that diagram uses too many firewalls. Should be two for redundancy earlier in the network (behind the 2621 router). Then the firewall rules might be a little more complicated initially but you can copy the rules to the second machine. You can either use commercial firewalls (Nokia, Cisco, whatever) or build your own using matched computers.
(I used two loaded Ultra 2s one time for redundancy on an extremely high traffic website sporting gig feeds with no trouble at all).

This isn't to say I'm right, this is just another perspective. I'm guessing that you either had the firewalls on hand or the budget dictated what you could do and when. All that really matters is that it does what you want the way you want it, so if you're happy, it's good. I just use a more streamlined minimalist approach to things. I'm NOT a network engineer, just a flunky.