Topic: Is NAT possible without using DHCP?  (Read 2026 times)
« on: July 21, 2008, 20:00:49 »
redfadmin *
Posts: 3

Basically the subject says it all. I've got a DHCP server that I want to keep using. My current 3COM firewall has no problem with NAT when it has DHCP turned off. However, it seems the only way I can get outside the monowall is to let monowall do DHCP. I've got a public address on WAN and private on LAN. With or without DHCP I can access the monowall admin page with its private address. Monowall itself can ping or tracert anything on the internet.
« Reply #1 on: July 21, 2008, 20:31:03 »
ChainSaw
Guest

Can your clients access the Internet if you use an IP address rather than a host name?

http://208.69.32.231/   (www.google.com)

CS...
« Reply #2 on: July 21, 2008, 21:57:32 »
redfadmin *
Posts: 3

To answer CS, no.

I was hoping it wouldn't get complicated but it is.
I got NAT to work without DHCP by using the monowall IP as the default gateway on the client. With my current firewall I can use either 1) a switch IP inside the monowall (LAN side that does VLANing/routing), 2) the firewall IP, or 3) the router IP that sits on the WAN side of the firewall as the default gateway. Currently I am using the switch as the clients' gateway and would prefer to get monowall to accept that as I have a number of devices with IP configured manual/static.
Does this seem possible? Or do I have to change my DHCP server and all my static devices to use the monowall as the gateway? I really don't want to do that because I've still got 1:1 NAT and the DMZ to test and this could drag out to a long process that may or may not work for me in the end.
Thanks for any help on this.
« Reply #3 on: July 22, 2008, 16:16:15 »
redfadmin *
Posts: 3

A little more info.
I have 3 NICs, an onboard Broadcom Gigabit, a 3COM 3C905B, and a D-Link cheapo. I thought the issue might be something to do with promiscuous mode. I tried every combination of card in the WAN and LAN positions. In all cases monowall can tracert (by host name) fine but a workstation can only ping or tracert (by IP or name) past the monowall by using the monowall itself as the gateway.
« Reply #4 on: July 26, 2008, 22:15:36 »
cmb *****
Posts: 851

If the only way it works is with DHCP, it sounds like you're misconfiguring something when not using DHCP: IP, subnet mask, gateway, and/or DNS.
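
The comparison suggested in the last reply, as an added example that is not part of the original thread: it checks a hand-entered client configuration against a lease that is known to work, field by field (IP/subnet mask, gateway, DNS). The function name, the dict layout and every address below are assumptions constructed for illustration.

```python
import ipaddress

def audit_static(static, lease):
    """Compare a static client config with a working DHCP lease.

    Both are dicts with keys ip, mask, gateway, dns (list of str).
    Returns a list of findings; an empty list means they agree.
    """
    findings = []
    s_if = ipaddress.ip_interface(f"{static['ip']}/{static['mask']}")
    l_if = ipaddress.ip_interface(f"{lease['ip']}/{lease['mask']}")

    # IP and mask together must describe the same subnet as the lease.
    if s_if.network != l_if.network:
        findings.append(f"subnet: static {s_if.network} vs lease {l_if.network}")

    gw = static.get("gateway")
    if not gw:
        findings.append("gateway: none set, off-link traffic has no route")
    else:
        # A gateway outside the client's own subnet is unreachable.
        if ipaddress.ip_address(gw) not in s_if.network:
            findings.append(f"gateway: {gw} is not on-link for {s_if.network}")
        if gw != lease["gateway"]:
            findings.append(f"gateway: static {gw} vs lease {lease['gateway']}")

    dns = static.get("dns") or []
    if not dns:
        findings.append("dns: none set, host names will not resolve")
    elif set(dns) != set(lease["dns"]):
        findings.append(f"dns: static {sorted(dns)} vs lease {sorted(lease['dns'])}")
    return findings

# Constructed sample data: a lease as the firewall's DHCP server might issue it,
# a static client that points at a LAN switch instead, and a badly typed config.
LEASE = {"ip": "192.168.1.100", "mask": "255.255.255.0",
         "gateway": "192.168.1.1", "dns": ["192.168.1.1"]}
STATIC_SWITCH_GW = {"ip": "192.168.1.50", "mask": "255.255.255.0",
                    "gateway": "192.168.1.254", "dns": ["192.168.1.1"]}
BROKEN = {"ip": "192.168.1.50", "mask": "255.255.0.0",
          "gateway": "10.0.0.1", "dns": []}

if __name__ == "__main__":
    for name, cfg in (("switch-gw", STATIC_SWITCH_GW), ("broken", BROKEN)):
        for finding in audit_static(cfg, LEASE):
            print(f"{name}: {finding}")
```

A gateway that is on-link but differs from the lease, as in the `STATIC_SWITCH_GW` sample, is not wrong in itself; it means that device's own routing toward the firewall is the next thing to check.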