Our ASA-5505 has a single outside IP, and dynamic NAT for the LAN is working fine. I set up a static NAT rule for the outside IP to our internal SSH server and created an ACL that allows external connections to connect to the SSH port on the external IP so that the SSH port on the ASA-5505 is forwarded to the internal server. However, when I try to SSH from an external host, the connection times out, and the ASA logs that the connection is denied due to an ACL. To create this configuration I followed the Getting Started Guide and found several relevant guides both on Cisco.com and around the Internet, but the port forwarding isn't working and I'm pulling my hair out as to why the ACL which I already explicitly created isn't working. Here's the relevant config lines; if you need more information please reply.
access-list outside_access_in extended permit tcp any host X.X.X.X eq ssh log
static (inside,outside) X.X.X.X 192.168.18.51 netmask 255.255.255.255
access-group outside_access_in in interface outside
I sanitized the external IP to X.X.X.X for privacy.
If x.x.x.x is outside interface then you actually need to use the word "interface" in the static and acl, not x.x.x.x.
If x.x.x.x is outside interface address on ASA then you need to do this...
static (inside,outside) tcp interface 22 192.168.18.51 22 netmask 255.255.255.255
access-list outside_in permit tcp any interface eq 22
access-group outside_ in in interface outside