When submiting jobs to a batch queue via ssh, it should be possible to access a remote machine behind a firewall if ssh tunneling has not been disabled on the firewall system. To do this you first configure ssh and start the ssh agent for the remote batch system. Then in a separate window connect to your firewall access machine ssh -Lport:batch_machine:22 firewall, where port is a number for a socket on your local machine (>1024), batch_machine is the name of the remote batch system, and 22 is the (default) port for ssh connections.
When you specify the local port number used above in the DLV batch job preferences tunnel port widget, DLV will attempt to connect directly to the remote batch system using commands like ssh -p port localhost.
Note: These instructions apply to OpenSSH, and you should check the documentation for your version of SSH for any differences. Some (all?) versions of OpenSSH do not correctly check the host key on port@localhost making this method of connection potentially vulnerable to 'man in the middle' security attacks.