Solution 1:

The process on port 4296 listens only on the localhost / 127.0.0.1 address and therefore is not accessible from outside. You have to change the configuration (or the program itself if it's one that you wrote) to listen on 0.0.0.0 - that will make it listen on all addresses.

Here's an example from my system:

~ # netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address   State       PID/Program name    
tcp        0      0 0.0.0.0:22       0.0.0.0:*         LISTEN      1311/sshd           
tcp        0      0 127.0.0.1:631    0.0.0.0:*         LISTEN      1183/cupsd          

Here SSH listens on port 22 on all addresses and is therefore accessible from outside (if firewall and SG permits of course).

On the other hand CUPS listens on port 631 only on the localhost (127.0.0.1) and even if firewall / SG allowed this port it wouldn't be accessible from outside.

Hope that helps :)