Some help would be appreciated.

Posted: Fri Jun 19, 2015 6:02 pm
by D1Lazarus
I will be setting up a MT router that is going to have a single WAN connection with multiple boxes behind it. Each of the individual boxes will need a public static IP address that I am getting from our ISP, and each will need to be accessible from the internet. More specifically, each will need to be able to have FTP access open to the outside world.

              Internet
                 |
              Mikrotik
      /      /   |   \      \
    PC      PC   PC   PC     PC
  Static Static Static Static Static

Re: Some help would be appreciated.

Posted: Mon Jun 29, 2015 10:44 am
by Van9018
You need to make the router into just a switch.

From default config:

- IP > DHCP Server, remove entry
- IP > DHCP Client, remove entry
- IP > Addresses, remove entry
- IP > Firewall > NAT, remove entry
- Bridge > ports, click Add, interface: ether1-gateway, bridge: bridge-local

Now your Mikrotik doesn't give out IPs, doesn't request an IP for its interfaces, and ether1 is part of the bridge-local switch.

If you're hoping to use the firewall features of the MT, I don't think they'll work on interfaces in the same bridge. Instead you can go to Bridge > Filters.

To connect to the switch, you can connect to it via MAC (or get another IP from your ISP). Also check and firewall the ability to connect to the Mikrotik from the public internet.

Re: Some help would be appreciated.

Posted: Mon Jun 29, 2015 11:31 am
by pukkita
No need to use it just as a switch. Guess you'll be handed off a /29.

Set up everything as you would normally do, set proper routing to your /29, then set a firewall leaving the forward chain to the FTP servers mostly open but for sensitive ports (22 for example). Do not masquerade connections from the internal FTP servers.
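
The routed setup described in the post above, sketched as an added RouterOS example (not part of the original thread and not the poster's own configuration). The addresses are constructed from documentation ranges, the ISP is assumed to route the /29 to a separate transit address on the WAN port, and the filter table is assumed to start empty; the interface names are the default-config ones mentioned earlier in the thread.

```routeros
# Constructed addresses (documentation ranges), assumptions for this example:
#   198.51.100.2/30  transit address on the WAN port, ISP gateway 198.51.100.1
#   203.0.113.8/29   public block the ISP routes to 198.51.100.2

/ip address
add address=198.51.100.2/30 interface=ether1-gateway comment="WAN transit"
add address=203.0.113.9/29 interface=bridge-local comment="gateway for the FTP hosts"

/ip route
add dst-address=0.0.0.0/0 gateway=198.51.100.1

# No masquerade/src-nat for 203.0.113.8/29. The default-config masquerade rule
# on ether1-gateway has to be removed (IP > Firewall > NAT), otherwise the
# hosts' public source addresses are rewritten to the router's address.

/ip firewall filter
# Forward chain: traffic passing through the router to the FTP hosts.
add chain=forward connection-state=established,related action=accept \
    comment="replies, plus FTP data connections tracked as related"
add chain=forward connection-state=invalid action=drop
add chain=forward in-interface=ether1-gateway dst-address=203.0.113.8/29 \
    protocol=tcp dst-port=22 action=drop comment="sensitive port closed from WAN"
add chain=forward in-interface=ether1-gateway dst-address=203.0.113.8/29 \
    action=accept comment="rest left open, as the post suggests"
add chain=forward in-interface=ether1-gateway action=drop \
    comment="nothing else enters from WAN"

# Input chain: traffic addressed to the router itself.
add chain=input connection-state=established,related action=accept
add chain=input in-interface=ether1-gateway action=drop \
    comment="no router management from the internet"
```

The related match covers FTP data connections only while the FTP helper under IP > Firewall > Service Ports is enabled and the control channel is plain FTP on port 21; with the forward chain otherwise open as shown, passive-mode data ports are reachable anyway, but a tighter rule set would depend on that helper.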

Re: Some help would be appreciated.

Posted: Sat Jul 04, 2015 12:17 am
by locodog
Maybe put private IPs on PCs and do dst-nat and src-nat to public addresses?
Or if you get a /29 range you could split it into 2 /30.