Hi
I'm coming from NetScreen and can't figure out how to do a simple NAT... I've spent about 5 hours on this and cannot get it to work ....
I want to forward port 2222 on the SRX to 192.168.1.2 port 22 - YES, very, very basic. I must be missing something here.
Please help !!
Thanks
This is what I've done:
# Destination NAT (port forward): traffic arriving on ge-0/0/0.0 for TCP/UDP port 2222
# is translated to the internal host 192.168.1.2, port 22.
# Pool = the real (post-translation) address and port of the internal server.
set security nat destination pool dst-nat-pool-1 address 192.168.1.2/32
set security nat destination pool dst-nat-pool-1 address port 22
# Rule-set is bound to the ingress interface; only packets entering there are evaluated.
set security nat destination rule-set rs1 from interface ge-0/0/0.0
# 0.0.0.0/0 matches ANY destination address seen on that interface, so every packet to
# port 2222 is translated, including transit traffic. Matching only the SRX's own
# outside address (<PUBLIC_IP>/32, placeholder; not shown on this page) is tighter.
set security nat destination rule-set rs1 rule r1 match destination-address 0.0.0.0/0
set security nat destination rule-set rs1 rule r1 match destination-port 2222
set security nat destination rule-set rs1 rule r1 then destination-nat pool dst-nat-pool-1
# Address-book entry for the internal server, referenced by the policy below.
set security address-book global address server-1 192.168.1.2/32
# Security policy Internet -> Internal. On SRX, destination NAT is applied before the
# policy lookup, so the policy must match the translated address (server-1) and the
# translated port (22), not the outside address or port 2222.
# NOTE(review): policies for a zone pair are evaluated top-down, first match wins, and
# a newly created policy is appended at the end. The `show security policies` output
# below lists policy Net (any/any deny) ahead of server-access, so Net would match
# first. Reordering is done with:
#   insert security policies from-zone Internet to-zone Internal policy server-access before policy Net
# `source-address any` admits every Internet source; a specific address-book entry
# narrows who can reach the forwarded SSH port.
set security policies from-zone Internet to-zone Internal policy server-access match source-address any
set security policies from-zone Internet to-zone Internal policy server-access match destination-address server-1
# NOTE(review): `application any` permits every port to server-1, not just SSH. The
# output below shows `application junos-ssh` (plus log/count), which differs from this
# line, so the running config was apparently edited afterwards. junos-ssh is the
# narrower match for a port-22 forward.
set security policies from-zone Internet to-zone Internal policy server-access match application any
set security policies from-zone Internet to-zone Internal policy server-access then permit
Output
root@srx210# show security nat
source {
rule-set nsw_srcnat {
from zone Internal;
to zone Internet;
rule nsw-src-interface {
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
destination {
pool dst-nat-pool-1 {
address 192.168.1.2/32 port 22;
}
rule-set rs1 {
from interface ge-0/0/0.0;
rule r1 {
match {
destination-address 0.0.0.0/0;
destination-port 2222;
}
then {
destination-nat pool dst-nat-pool-1;
}
}
}
}
[edit]
root@srx210# show security policies
from-zone Internal to-zone Internet {
policy All_Internal_Internet {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
from-zone Internet to-zone Internal {
policy Net {
match {
source-address any;
destination-address any;
application any;
}
then {
deny;
}
}
policy server-access {
match {
source-address any;
destination-address server-1;
application junos-ssh;
}
then {
permit;
log {
session-init;
}
count;
}
}
}