I am using ssh to connect to a "firewall" machine and was wondering if it was possible to allow ssh root access on the internal nic only and not on the exernal nic. (how?)

Absolutely. You need to start multiple SSH daemons with different config files. By default your system will start one SSH daemon from it's startup scripts, and that will use /etc/ssh/sshd_config as it's config file.

What I would do is copy your existing RC script for sshd, call it sshd_int or something like that. You'll need to create links to it from all the init levels you want it to run at in /etc/rc.d/*. Then edit the sshd_int script and make sure when /usr/sbin/sshd is started, you use -f <yourconfigfile>. Such as /usr/sbin/sshd -f /etc/ssh/sshd_config_int

Now of course you need to copy /etc/ssh/sshd_config to /etc/ssh/sshd_config_int as well, so you can edit that file. Here is what you need to change:
ListenAddress (needs to be your internal IP)
PermitRootLogin (although I would strongly suggest that you DO NOT DO THIS, use a normal user and use sudo to run command as root--don't login as root!)

You should also change ListenAddress in your original sshd_config to be just your external address. If your external address is obtained by DHCP, then there are a few other things you have to do to make sure the two daemons don't conflict with each other.

$ man sshd
$ man sshd_config

for more information. I got all of the above from the man pages.

You could disallow root access all together, internal and external, and then use su to change to root when you need.

Thanks alot guys. I really appreciate the help