The initial problem has been solved. The routers are hardware routers, the external one is a netcomm, this internal one is a linksys. The DMZ sever sits between the two and servse the website and does mail forwarding, dns and some other stuff. The Internal server is the office file server.
iptables -A FORWARD -j ACCEPT -p tcp --syn --dport 22
iptables -t nat -A PREROUTING -i eth0 -p tcp --syn --dport 22 -j DNAT --to 192.168.xxx.xxr:22
on the DMZ server where 192.168.xxx.xxr is the internal router gateway solves the problem, now I have a new problem where I am rsyncing through the port but after about five minutes, rsync fails with a "connection reset by peer" message and then won't let me onto the port for about another five minutes or so