"Instead, if there is a system on the inside of the network that
you can forward a port to for SSH, you can then SSH into the box
and use TCP forwarding to get to the firewall via the inside of the
network. This has the advantage of authentication and strong
encryption. If the remote firewall has SSH running on it, you do
not even need another internal system to SSH into; just SSH into
the firewall itself."