We have a public /24 subnet delegated to us by our ISP. Due to how this connection is setup I can't just allow what I need on the outside interface, which is ssh (on my other firewall I just do ssh xx.xx.xx.xx 255.255.255.255 Outside and that's it). ...