Hi,

I'm trying to reach a JBoss administration port on a host where I do not have a direct connection. I though I'd set up an ssh tunnel to another machine on the network but I'm having some difficulty.

In the diagram below I am connecting to a host with a SNAT address and attempting to forward local port 10105 to the 9990 port on 10.0.0.50 with is reachable from 10.0.0.40 (1.2.3.4).

I've tried a few ssh client options but the one that seems to fit is:

ssh -L 10105:10.0.0.50:9990 user@1.2.3.4

If I then try to open a browser to localhost:10105 I fail to connect. Can someone help?

Can you access your machine directly from 10.0.0.50? If so, you can set up a reverse tunnel. From 10.0.0.50:
Then from your home machine you could go to localhost:10105

You could also try setting up a proxy tunnel to 10.0.0.40 so your web traffic passes through that machine. Something like:
Then you could launch your browser using the tunnel as a proxy server. For google chrome that would look like:
Any address you go to in that browser session will behave like you're doing it on 10.0.0.40, so you should be able to go to http://10.0.0.50:9990 to access the page you're looking for. This is a good way to encrypt your web traffic when on an unsecured wireless network as well.