Hi,
So you want to listen to a different port on the untrust interface and then send it through to ssh on your internal server?
On the VIP set it to listen to a different port, in this example port 2222
Network > Interfaces > Edit (internet interface) > VIP: Enter the following
address, then click Add:
Virtual IP Address: select same as interface IP (or another public IP you have free)
Network > Interfaces > Edit (internet interface) > VIP > New VIP Service: Enter
the following, then click OK:
Virtual IP: 1.1.1.1
Virtual Port: 2222
Map to Service: SSH (22)
Map to IP: 192.168.1.10 (internal server you want to make public)
You will need to create a custom service for the port that you want to listen on. Create a custom service "Custom SSH" with a destination port of 2222
Create the Policy for access.
Policies > (From: Untrust, To: Trust) New: Enter the following, then click OK:
Source Address:
Address Book Entry: (select), ANY
Destination Address:
Address Book Entry: (select), VIP(1.1.1.1)
Service: Custom SSH
Action: Permit
This will mean that you ssh to port 2222 on IP 1.1.1.1 this will then forward through to port 22 on 192.168.1.10 on the internal network.
hope this is what you are after
Andy