<div>
why not just use NAT to one of your spare LIVE IP addresses ? 
 
You've neglected to tell us what brand / model your router is, and we'd also need a copy of the config (remove your passwords) so we can advise better.. 
 

</div>

<div>
I will be interested in participating once you answer PsychoFelix's question. Usually, configs, a little sketch or so can help in the quick understanding of your situation.
</div>

<div>
I thought about using NAT to direct traffic from the spare IP address ((67.67.140.203) to an internal IP and then assigning that IP to the computer in question, but my concern was with security. &nbsp;If someone is accessing the computer through the NAT, can they access other computer on the network? &nbsp;I dont want the users that will have access to this computer to be able to gt ot anything else on the network. &nbsp;If usin NAT will accomplish this then I am all for it. &nbsp;Thanks again for any help. 
 
The router is a Netvanta 1335 and the current config file is: 
! 
! 
! ADTRAN, Inc. OS version 17.02.01.00.E 
! Boot ROM version 15.01.B1 
! Platform: NetVanta 1335 PoE, part number 1700525E2 
! Serial number LBADTN 
! 
! 
hostname &quot;Router&quot; 
no enable password 
! 
clock timezone -6-Central-Time 
! 
ip subnet-zero 
ip classless 
ip default-gateway 67.63.148.201 
ip routing 
!!ip host &quot;mxmail.company.com&quot; 192.168.88.2 
ip host &quot;tc.company.com&quot; 192.168.88.6 
ip host &quot;xfer.company.com&quot; 192.168.88.3 
ip domain-name &quot;company.com&quot; 
ip domain-proxy 
ip name-server 64.89.100.2 8.8.8.8 
! 
! 
no ip route-cache express 
! 
auto-config 
! 
event-history on 
no logging forwarding 
no logging email 
logging email priority-level info 
! 
service password-encryption 
! 
username &quot;administrator&quot; password encrypted &quot;&quot;&nbsp; 
! 
! 
ip firewall 
no ip firewall alg msn 
no ip firewall alg h323 
! 
! 
! 
! 
! 
! 
! 
! 
no dot11ap access-point-control 
! 
! 
! 
! 
! 
! 
! 
! 
! 
! 
! 
! 
vlan 1 
&nbsp; name &quot;Default&quot; 
! 
vlan 2 
&nbsp; name &quot;Public&quot; 
! 
vlan 3 
&nbsp; name &quot;Phones&quot; 
! 
! 
interface switchport 0/1 
&nbsp; description Internet 
&nbsp; speed 10 
&nbsp; no shutdown 
&nbsp; switchport access vlan 2 
! 
interface switchport 0/2 
&nbsp; no shutdown 
! 
interface switchport 0/3 
&nbsp; no shutdown 
! 
interface switchport 0/4 
&nbsp; no shutdown 
! 
interface switchport 0/5 
&nbsp; no shutdown 
! 
interface switchport 0/6 
&nbsp; no shutdown 
! 
interface switchport 0/7 
&nbsp; no shutdown 
! 
interface switchport 0/8 
&nbsp; no shutdown 
! 
interface switchport 0/9 
&nbsp; no shutdown 
! 
interface switchport 0/10 
&nbsp; no shutdown 
! 
interface switchport 0/11 
&nbsp; no shutdown 
! 
interface switchport 0/12 
&nbsp; no shutdown 
! 
interface switchport 0/13 
&nbsp; no shutdown 
! 
interface switchport 0/14 
&nbsp; no shutdown 
! 
interface switchport 0/15 
&nbsp; no shutdown 
! 
interface switchport 0/16 
&nbsp; no shutdown 
! 
interface switchport 0/17 
&nbsp; no shutdown 
! 
interface switchport 0/18 
&nbsp; no shutdown 
! 
interface switchport 0/19 
&nbsp; no shutdown 
! 
interface switchport 0/20 
&nbsp; no shutdown 
! 
interface switchport 0/21 
&nbsp; no shutdown 
! 
interface switchport 0/22 
&nbsp; no shutdown 
! 
interface switchport 0/23 
&nbsp; no shutdown 
! 
interface switchport 0/24 
&nbsp; no shutdown 
! 
! 
interface gigabit-switchport 0/1 
&nbsp; no shutdown 
! 
interface gigabit-switchport 0/2 
&nbsp; no shutdown 
! 
! 
! 
interface vlan 1 
&nbsp; description IntrAnet 
&nbsp; ip address &nbsp;192.168.88.1 &nbsp;255.255.255.0 
&nbsp; access-policy Private 
&nbsp; ip route-cache express 
&nbsp; no shutdown 
! 
interface vlan 2 
&nbsp; description Public IntErnet 
&nbsp; ip address &nbsp;67.67.140.202 &nbsp;255.255.255.248 
&nbsp; ip address &nbsp;67.67.140.203 &nbsp;255.255.255.248 secondary 
&nbsp; ip address &nbsp;67.67.140.204 &nbsp;255.255.255.248 secondary 
&nbsp; ip address &nbsp;67.67.140.205 &nbsp;255.255.255.248 secondary 
&nbsp; access-policy Public 
&nbsp; no rtp quality-monitoring 
&nbsp; no ip route-cache express 
&nbsp; no shutdown 
! 
interface vlan 3 
&nbsp; description Phones 
&nbsp; ip address &nbsp;0.0.0.0 &nbsp;255.255.255.255 
&nbsp; ip route-cache express 
&nbsp; shutdown 
! 
! 
! 
! 
! 
! 
! 
ip access-list standard wizard-ics 
&nbsp; remark Internet Connection Sharing 
&nbsp; permit any 
! 
! 
ip access-list extended self 
&nbsp; remark Traffic to NetVanta 
&nbsp; permit ip any &nbsp;any &nbsp; &nbsp; log 
! 
ip access-list extended Serv-u 
&nbsp; permit tcp host 192.168.88.3 &nbsp;any &nbsp; &nbsp;log 
! 
ip access-list extended web-acl-10 
&nbsp; remark Admin Access 
&nbsp; permit tcp any &nbsp;any eq www &nbsp; log 
&nbsp; permit tcp any &nbsp;any eq telnet &nbsp; log 
&nbsp; permit tcp any &nbsp;any eq ssh &nbsp; log 
! 
ip access-list extended web-acl-11 
&nbsp; remark Deltek 
&nbsp; permit tcp any &nbsp;host 67.67.140.205 eq 7009 &nbsp; log 
! 
ip access-list extended web-acl-12 
&nbsp; remark Phones 
&nbsp; permit ip any &nbsp;host 67.67.140.203 &nbsp; &nbsp; log 
! 
ip access-list extended web-acl-9 
&nbsp; remark Email Server 
&nbsp; permit ip host 192.168.88.2 &nbsp;any &nbsp; &nbsp; 
! 
ip access-list extended wizard-pfwd-1 
&nbsp; remark SMTP Mail 
&nbsp; permit tcp any &nbsp;host 67.67.140.202 eq smtp &nbsp; log 
! 
ip access-list extended wizard-pfwd-2 
&nbsp; remark HTTP 
&nbsp; permit tcp any &nbsp;host 67.67.140.202 eq www &nbsp; log 
! 
ip access-list extended wizard-pfwd-3 
&nbsp; remark HTTPS 
&nbsp; permit tcp any &nbsp;host 67.67.140.202 eq https &nbsp; log 
! 
ip access-list extended wizard-pfwd-4 
&nbsp; remark Serv-U 
&nbsp; permit tcp any &nbsp;host 67.67.140.204 eq https &nbsp; log 
! 
ip policy-class Email 
&nbsp; ! Implicit discard! 
ip policy-class Private 
&nbsp; allow list self self 
&nbsp; nat source list wizard-ics interface vlan 2 overload 
&nbsp; nat source list web-acl-9 address 67.67.140.202 overload 
! 
ip policy-class Public 
&nbsp; nat destination list wizard-pfwd-4 address 192.168.88.3 
&nbsp; nat destination list wizard-pfwd-1 address 192.168.88.2 
&nbsp; nat destination list wizard-pfwd-2 address 192.168.88.2 
&nbsp; nat destination list wizard-pfwd-3 address 192.168.88.2 
&nbsp; allow list web-acl-10 self 
&nbsp; nat destination list web-acl-11 address 192.168.88.6 
&nbsp; nat destination list web-acl-12 address 192.168.88.7 
! 
! 
! 
ip route 0.0.0.0 0.0.0.0 67.67.140.201 
! 
no ip tftp server 
no ip tftp server overwrite 
no ip http server 
ip http session-limit 5 
ip http secure-server 8443 
ip http language English 
no ip snmp agent 
no ip ftp server 
ip ftp server default-filesystem flash 
no ip scp server 
no ip sntp server 
! 
! 
! 
! 
! 
! 
! 
! 
! 
!!!!! 
! 
line con 0 
&nbsp; login 
! 
line telnet 0 4 
&nbsp; login 
&nbsp; shutdown 
line ssh 0 4 
&nbsp; login local-userlist 
&nbsp; no shutdown 
! 
! 
! 
! 
! 
! 
! 
! 
end 
 
 

</div>

<div>
No more input after I supplied the requested information?
</div>

<div>
<div class="content wysiwyg-content">
First off, let me apologize for my inexperience in the networking world. &nbsp;I am part of a small company and I AM are IT guy and I am learning as I go. 
 
Here is my situation: 
I have 5 static IP address asssigned to me by my internet provider. &nbsp;Lets say they are 67.67.140.201 - 205. 
I currently have one ethernet cable entering into the building that supplies my internet connection. &nbsp;That cable is connected into port 1 of my router which is set up as its very own vlan (vlan 2). &nbsp;The rest of the ports on my router are set up on a seperate vlan (vlan 1). &nbsp;I use NAT to direct traffic from the incoming (vlan 2) feed to the rest of the network connected on vlan2. 
 
I have a need to allow someone to access a computer on my network using one of the static IPs (67.67.140.203) that have been assigned to me by my internet provider. &nbsp;It seems to me that setting up a new vlan for that computer to connect to and then forward the incoming traffic from the 67.67.140.203 IP address to the new vlan would be a reasonable answer to this issue. 
 
Does this seem like a good way to do this? &nbsp;And if so, how exactly do I go about it. 
 
My initial thought is to assign the incoming IP (67.67.140.203) to the vlan, assign a port on the router to that vlan and than connect the computer to that port. &nbsp;My only question is; what do I set the computers IP, gateway, etc to? &nbsp;Does this sound right? 
 
If there is a cleaner, better way to do this, please let me know. 
 
Thanks for any help. 
Rick
</div>
</div>

First off, let me apologize for my inexperience in the networking world.  I am part of a small company and I AM are IT guy and I am learning as I go.

Here is my situation:
I have 5 static IP address asssigned to me by my internet provider.  Lets say they are 67.67.140.201 - 205.
I currently have one ethernet cable entering into the building that supplies my internet connection.  That cable is connected into port 1 of my router which is set up as its very own vlan (vlan 2).  The rest of the ports on my router are set up on a seperate vlan (vlan 1).  I use NAT to direct traffic from the incoming (vlan 2) feed to the rest of the network connected on vlan2.

I have a need to allow someone to access a computer on my network using one of the static IPs (67.67.140.203) that have been assigned to me by my internet provider.  It seems to me that setting up a new vlan for that computer to connect to and then forward the incoming traffic from the 67.67.140.203 IP address to the new vlan would be a reasonable answer to this issue.

Does this seem like a good way to do this?  And if so, how exactly do I go about it.

My initial thought is to assign the incoming IP (67.67.140.203) to the vlan, assign a port on the router to that vlan and than connect the computer to that port.  My only question is; what do I set the computers IP, gateway, etc to?  Does this sound right?

If there is a cleaner, better way to do this, please let me know.

Thanks for any help.
Rick

Use vlan to isolate a computer

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Networking Protocols

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.