ipfw+nat

[OxY]

hi all!

i'd like to ask for your help, because i didn't find anything related about 
this topic..
i have a box, with public ip, which is connected to other clients through 
openvpn (10.254.0.x)
i'd like to connect to the openvpn client's port (for example ssh)
through a public address  port (x.x.x.x 16354)

unfortunately i totally failed in this, can't even forward to my boxes 
openvpn address..

tried this:
$cmd 00701 fwd 10.254.0.1,22 tcp from any to x.x.x.x 16354

no result, connection refused..
it works well with datapipe, however i don't want to set up dozens of 
datapipes :)

natd is enabled, do i need it? or ipfw divert?
i have the following related in kernel conf:

options         IPFIREWALL
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_VERBOSE_LIMIT=5
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPFIREWALL_FORWARD

do i need anything else?
thx for all your help and merry christmas!