Are you trying to foward all outside ports to that internal IP?
Or have you open some ports on the wan interface?
Is what you need through being block on the external wan interface?
If so then does Firewall have all or the needed outside external ports opened to the outside then the rule should send anything coming in to that IP. It would be better to forward only the needed ports to the machine. Then open the needed ports to the outside wan port.
Example of a single port. You can set it up to use multiple ports on the same line or I perfer a line for each forwarded port.
Code:
# $IPTABLES -t nat -A PREROUTING -i $EXTERNAL_INTERFACE -p tcp -d $EXT_IP --dport 80 \
# -j DNAT --to-destination 192.168.3.58:80
Brian