Rugged 30d Firewall setup issues

Hi,

I am setting up a Rugged 30d.  It is required for purely firewall duties.  I need to isolate a single device behind the firewall and just open up traffic to a particular port on that device.  So I need a 1-1 NAT.  Inside  (LAN) device IP is 192.168.100.11 and port is 1055.  Outside (WAN) address is 10.205.87.25 ie. 10.205.87.25 should NAT to 192.168.100.11.  I'm using eth2 and eth3 with them being in the appropriate subnets with IP addresses 10.205.87.24 and 192.168.100.25 respectively.

I've tried multiple ways of configuring this and read many knowledge base articles as there seems to be many different ways of setting this up.  Most of what I tried didn't work.  The final config I used was setting up a Virtual IP Group and then setting an IPV4 policy to allow the required traffic to pass.  I thought I had this working on a test bench but now that I have tried to implement it, it doesn't work.  I can't get to the inside device.  I can ping it from the firewall itself but not externally.

Does anyone have a known working config that will work.  Effectively, what I'm trying to do is the same as if I had a single mail/web server on the inside network that is to be accessible from outside except the port number is different.

Thanks

Chris