Hi All, My Internet Connection is terminated on Router,passess the firewall and then LAN.
I have been told to connect Two PC with Public IP and it should be not part of LAN and not NATTED.
Can this be doable.
Okay then you are pretty much good to go.
Lets assume that you get the range 184.108.40.206/29.
assign 220.127.116.11 to the ASA interface.
assign 18.104.22.168 to PC1
assign 22.214.171.124 to PC3
to not NAT
access-list NONAT permit ip host 126.96.36.199 host 188.8.131.52
access-list NONAT permit ip host 184.108.40.206 host 220.127.116.11
nat (DMZ1) 0 access-list NONAT
** Couple of things to note about the above -
i) DMZ1 is the name of dmz interface created on the ASA. You can use any name you want
ii) 18.104.22.168 is the IP address of the server in the US that the PCs are connecting to
Make sure that the security level is less than the outside interface and traffic will be allowed by default to go out to the Internet.
Finally if you want to allow connections to be initiated from the US server to the PCs all the above is still relevant but you will also need to add entries to the acl on your outside interface.