I have a client that owns a building with many tenants. The client also has a office in the building and uses Comcast with 1 Static IP address. A new Tennant ordered Comcast service but I have a problem.

Comcast installed both Cable Modems in their Demarc (electrical Closet) My client (building owner) and tenant have their firewalls installed in their suites. Unfortunately, there is only 1 Ethernet cable connecting the electrical closet and a Janitor closet which is about 200'. My client uses this cable to connect from Janitor closet to their suite which is only about 40'. 

The new Tennant is located next to my clients suite. They have had contractors try to get a new ethernet cable from Electrical Closet to their suite but it is extremely difficult due to thick concrete, overfilled conduit, yada yada. 

New Tenants also want to use Comcast but Comcast will only install their modems in electrical closet because they couldn't get coax to other side of building either. 

So I'm proposing to use MS-120 switches in Electrical Closet and Janitor closet to create VLANs for each new tenant using the existing ethernet.  Easy I thought. 

After spending about 4 hours running back and forth with switches and MXs going offline, VLAN mismatches, Public IPs on switches all the while I'm trying to stick finger in dike holes with cloud managed devices getting angry and I'm pulling my hair out and bailed realizing I need a plan before I go back and implement. 

I created a Diagram in Google Docs Here and kindly ask if anyone could review and let me know if this looks like a good design. Honestly, I think I could have pulled a ethernet cable with the amount of time I have spent but hey, this is fun right?

Link to diagram

VLAN 10 - VLAN for my clients firewall configured on switches only

VLAN 20 - VLAN for Tennant's router configured on switches only

VLANs 100-102 - Native VLAN 100 is for my clients LAN configured on switches and MX67

thanks