Need Help with configuring SSH access to managment vlan from another vlan

Hello guys

I have two switches "HP Aruba 2530 Poe" that located in of the company branches (off-site)

I want to gain access to them remotely from our main office

I already Configured NAT in the firewall to port 22 to the switch "10.10.10.100"

The problem is that i don't know how to allow / permit other vlans in our situation VLAN 100 (Internal-LAN) to gain access to  vlan 101 (Managment Vlan) , i want to be able to connect to the switch with SSH from our main office.

My Configurations:

hostname "SWITCH-01"
console idle-timeout 900
console idle-timeout serial-usb 900
trunk 23-24 trk1 lacp
no telnet-server
ip default-gateway 10.10.10.254
snmp-server community "public" unrestricted
no snmp-server enable
vlan 1
name "DEFAULT_VLAN"
no untagged 1-22,25-28,Trk1
ip address dhcp-bootp
forbid 3-22,25-28
exit
vlan 5
name "LACP-TRUNK"
untagged Trk1
no ip address
exit
vlan 100
name "INTERNAL-LAN"
untagged 3-22
tagged Trk1
no ip address
exit
vlan 101
name "MANAGMENT"
untagged 1-2
tagged Trk1
ip address 10.10.10.100 255.255.255.0
exit
vlan 666
name "UNUSED-PORTS"
untagged 25-28
no ip address
exit
spanning-tree
no tftp server
no dhcp config-file-update
no dhcp image-file-update
no dhcp tr69-acs-url

I want to mention that i can connect to cli through SSH channel to the switch if i connecting from Untagged 1-2 ports.

But i cannot connect from vlan 100 (INTERNAL-LAN) through ssh channel

Thanks for the help to all.