Port forwarding on Pix 506e

ksuber0758
Level 1

We recently bought a Buffalo LinkStation NAS device which has web capabilities and I need to open port 9000 (both ways) in order for this to work. It's been a while since I did anything Cisco related and despite my best efforts it's still not working. I need all traffic from the outside on port 9000 to be forwarded to this device. Can someone please help me with this rule?

Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 
enable password
passwd 
hostname pixfirewall
domain-name www.*********.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
no fixup protocol sip 5060
no fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list gainsville permit ip 172.*.*.0 255.255.255.0 10.*.*.0 255.255.255.0 
access-list 130 permit ip any any 
access-list 123 permit tcp any host 98.*.*.* eq 69 
access-list 123 permit tcp any host 98.*.*.* eq h323 
access-list 123 permit udp any host 98.*.*.* eq 5060 
access-list 123 permit tcp any host 98.*.*.* range 10015 10064 
access-list 123 permit udp any host 98.*.*.* eq 10060 
access-list 123 permit tcp any host 98.*.*.* range 49151 49800 
access-list 123 permit udp any host 98.*.*.* range 49151 49800 
access-list 123 permit tcp any any eq pptp 
access-list 123 permit gre any any 
access-list 123 permit ip host 216.*.*.* any 
access-list 123 permit tcp any any eq 10050 
access-list 123 permit icmp any any 
access-list 123 permit tcp 216.*.*.* 255.255.255.0 host 98.*.*.* eq www 
access-list 123 permit tcp 216.*.*.* 255.255.255.0 host 98.*.*.* eq www 
access-list 123 deny tcp any host 98.*.*.* eq www 
access-list 123 permit ip any host 98.*.*.* 
access-list 123 permit tcp 216.*.*.* 255.255.255.0 host 98.*.*.* eq 3389 
access-list 123 permit tcp 216.*.*.* 255.255.255.0 host 98.*.*.* eq 3389 
access-list 123 deny tcp any host 98.*.*.* eq 3389 
access-list 123 permit tcp any any eq 9000 
access-list nonat permit ip 172.*.*.* 255.255.255.0 10.*.*.* 255.255.255.0 
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 98.*.*.* 255.255.255.248
ip address inside 172.*.*.* 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 172.*.*.* 255.255.255.255 inside
pdm location 172.*.*.* 255.255.255.255 inside
pdm location 172.*.*.* 255.255.255.255 inside
pdm location 172.*.*.* 255.255.255.255 inside
pdm location 172.0.0.0 255.0.0.0 inside
pdm location 192.168.1.0 255.255.255.0 inside
pdm location 10.0.0.0 255.255.255.0 outside
pdm location 216.*.*.* 255.255.255.255 outside
pdm location 216.*.*.* 255.255.255.0 outside
pdm location 216.*.*.* 255.255.255.0 outside
pdm location 98.*.*.* 255.255.255.0 outside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
global (outside) 2 98.141.142.93 netmask 255.255.255.224
nat (inside) 0 access-list nonat
nat (inside) 2 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp 98.*.*.90 9000 172.*.*.2 9000 netmask 255.255.255.255 0 0 
static (inside,outside) 98.*.*.91 172.*.*.61 netmask 255.255.255.255 0 0 
static (inside,outside) 98.*.*.92 172.*.*.125 netmask 255.255.255.255 0 0 
access-group 123 in interface outside
access-group 130 in interface inside
route outside 0.0.0.0 0.0.0.0 98.*.*.89 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+ 
aaa-server RADIUS protocol radius 
aaa-server LOCAL protocol local 
http server enable
http 192.168.1.0 255.255.255.0 inside
http 172.*.*.1 255.255.255.255 inside
http 172.*.*.2 255.255.255.255 inside
http 172.*.*.61 255.255.255.255 inside
snmp-server host outside 216.*.*.217 poll
no snmp-server location
no snmp-server contact
snmp-server community r3m4x
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set gainsville esp-3des esp-sha-hmac 
crypto map vpn 1 ipsec-isakmp
crypto map vpn 1 match address gainsville
crypto map vpn 1 set peer 74.92.148.25
crypto map vpn 1 set transform-set gainsville
crypto map vpn interface outside
isakmp enable outside
isakmp key ******** address 74.*.*.25 netmask 255.255.255.255 
isakmp identity address
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash sha
isakmp policy 1 group 1
isakmp policy 1 lifetime 86400
telnet 0.0.0.0 0.0.0.0 outside
telnet 172.0.0.0 255.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 60
console timeout 0
dhcpd ping_timeout 750
dhcpd auto_config outside
terminal width 80

Accepted Solutions

Jennifer Halim
Cisco Employee

Is 98.*.*.90 the PIX outside interface IP address, or is it a spare IP address in the same subnet?

If it's the outside IP address, then the static statement should be:

static (inside,outside) tcp interface 9000 172.*.*.2 9000 netmask 255.255.255.255

Thanks for replying. It turned out to be an issue with the NAS device and not my settings on the PIX. Your answer, however, is correct for the question that I asked... Kudos
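An added example, not part of the original thread: a small Python check for the case raised in the accepted answer, flagging a static port forward whose mapped address is the PIX's own outside IP and confirming that the ACL applied to the outside interface permits the forwarded port. The sample config is constructed with documentation addresses, and the function name `check_port_forwards` is hypothetical; ACL matching is simplified (source `any` only, numeric ports, deny and range entries ignored).

```python
import re

# Constructed PIX 6.3-style sample; addresses are documentation ranges, not the poster's.
SAMPLE = """\
ip address outside 192.0.2.90 255.255.255.248
ip address inside 10.1.1.1 255.255.255.0
access-list 123 permit tcp any any eq 9000
access-list 123 permit tcp any host 192.0.2.91 eq 3389
static (inside,outside) tcp 192.0.2.90 9000 10.1.1.2 9000 netmask 255.255.255.255 0 0
static (inside,outside) tcp 192.0.2.91 8080 10.1.1.61 80 netmask 255.255.255.255 0 0
access-group 123 in interface outside
"""

# static (inside,outside) <proto> <mapped ip|interface> <mapped port> <real ip> <real port>
STATIC_RE = re.compile(r"^static \(inside,outside\) (tcp|udp) (\S+) (\S+) (\S+) (\S+)")
# Simplification (assumption): only permits with source "any" and an optional "eq <port>".
ACL_RE = re.compile(r"^access-list (\S+) permit (tcp|udp|ip) any (any|host \S+)(?: eq (\S+))?\s*$")


def check_port_forwards(config):
    """Return (static_line, problem) pairs for static PAT entries in a PIX 6.x config."""
    lines = [l.strip() for l in config.splitlines()]
    outside_ip = next((l.split()[3] for l in lines
                       if l.startswith("ip address outside ")), None)
    outside_acl = next((l.split()[1] for l in lines
                        if re.match(r"access-group \S+ in interface outside$", l)), None)
    permits = [m.groups() for m in map(ACL_RE.match, lines)
               if m and m.group(1) == outside_acl]
    findings = []
    for line in lines:
        m = STATIC_RE.match(line)
        if not m:
            continue
        proto, mapped, port = m.group(1), m.group(2), m.group(3)
        # Case from the accepted answer: mapped address is the firewall's own outside IP.
        if mapped == outside_ip:
            findings.append((line, "mapped address is the outside interface IP; use 'interface'"))
        # Inbound traffic is matched against the mapped (public) address and port.
        dest = outside_ip if mapped == "interface" else mapped
        allowed = any(p in (proto, "ip") and d in ("any", "host " + dest) and e in (None, port)
                      for _, p, d, e in permits)
        if not allowed:
            findings.append((line, "no permit for %s/%s in the ACL applied to outside" % (proto, port)))
    return findings
```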
