While the SG units aren't one of my headline products, I think I may be able to point your in the correct general direction, and when he comes online rcamm may well be able to put you straight or fill in any remaining blanks.
What you need to implement is Network Address Translation - the means of allowing a host with an otherwise unroutable private address on the internal side of your Firewall use one (or more) of your allocated public ISP-supplied addresses.
There is a NAT option on the GUI and from within this page I'm guessing you will need to focus on either the "Port Forwarding" tab or the "1 to 1 NAT" tab. Based on your description, you may end up looking at 1 to 1.
Port Forwarding allows you to define policies based on ports and services. This allows you accept connections on a specific external IP address and then, based on the service in question, decide which internal host should actually be the recipient of that connection. This is a flexible option and allows multiple hosts to share a single public address.
1 to 1, as the name suggests is more of a permanent relationship between one of your external IP addresses and a host on your internal network.
Once you have decided which 'mode' best suits your needs and you have configured the NAT policies you still need to create Firewall rules (Packet Filter rules) to control which traffic is allowed to flow through the Firewall itself.
I hope that is of use to you.
Thanks for the response Phil. I'm quite familiar with basic NAT, so I am confident setting up that part, but the issue is that the router has one IP assigned, and no other IP address is available when editing NAT entries. I have the correct /29 netmask, but whenver I go to set up NAT it makes me choose the external IP from a drop-down, and that only shows the single IP assigned to the router. So maybe my question boils down to, how do I make the remainder of the IP block available for NAT entries?
Go to the Network Setup page, select the "internet" port (Port B in my case), and click on the edit link.
When the next page appears, you should see 6 tabs at the top of the screen and another 5 tabs immediately below. In this second row of tabs is one called "Aliases".
This screen should then allow you to add the remaining addresses from your ISP-supplied /29 subnet to that interface on the Firewall. Once they're in place you should then be able to reference them in the NAT configuration.
That's it! Problem solved, thanks Phil!