[LOCAL] : RECV: CHANNEL_OPEN[forwarded-tcpip] 
[LOCAL] : Rejecting remote forward request from 61.X.X.X:54962 to 192.168.198.130:22 because the current filters do not allow 61.X.X.X:54962 to use the remote forward.

S:"Reverse Forward Filter"=allow,127.0.0.1,0 deny,0.0.0.0/0.0.0.0,0

S:"Reverse Forward Filter"=allow,0.0.0.0/0.0.0.0,0

SecureCRT's port forwarding "allowances" fall on the cautious side of security. This is the case for both local and remote/reverse port fowards, which ensures security by default but also means it's not the most convenient default setting if your needs are "special".
In the case of reverse forwards, SecureCRT imposes a default filter that rejects any forwards that don't originate on the server side from the server's loopback address (127.0.0.1). This means that if the (server-side) client application sets the src addr to anything other than 127.0.0.1 (such as a non-loopback NIC address like 192.168.x.y), SecureCRT will deny such forwarding packets received, dropping packets w/o forwarding them on to the configured destination on the SecureCRT side. Such a denial can be seen in debug output if you enable Trace Options (SecureCRT's main "File" menu) prior to connecting to the remote machine.
A denial/rejection looks like this, as one example, in Trace Options debug output (displayed in the SecureCRT terminal window the moment a server-side client application attempts to access the port from a filtered src address/port):
[LOCAL] : RECV: CHANNEL_OPEN[forwarded-tcpip]
[LOCAL] : Rejecting remote forward request from 192.168.232.101:1220 to 10.0.0.1:8080 because the current filters do not allow 192.168.232.101:1220 to use the remote forward.
To relax SecureCRT's reverse forward filters to allow access for more than just localhost-originating addresses on the remote side, you'll need to manually edit the session's .ini file appropriately (make sure you close SecureCRT prior to changing a session's .ini file manually).
Here's the line in the session's .ini file that you'll need to modify:
S:"Reverse Forward Filter"=allow,127.0.0.1,0 deny,0.0.0.0/0.0.0.0,0
If you want to allow everything through (not the most secure choice, but works if you're just setting it up for a PC on a controlled LAB network), do this:
S:"Reverse Forward Filter"=allow,0.0.0.0/0.0.0.0,0
If you just want to allow everthing on the 192.168.x LAN segment, as well as any loopback adapter access to the forwarded port (denying access to all other originating addresses), do this:
S:"Reverse Forward Filter"=allow,192.168.0.1/255.255.0.0,0 allow,127.0.0.1/255.0.0.0,0 deny,0.0.0.0/0.0.0.0,0
This information is described in detail (including ipv6 how-to) within the SecureCRT help under the topic titled, "Configuring Port-Forwarding Filters" located within the "Secure Connections" top-level chapter.