You need to surf the corporation webserver behind the firewall at http://web.corp.com/ You have an .shosts authenticated login to your corporate workstation at your office: mystation.corp.com but now you are outside the firewall at: outside.flipperwald.tz.
Do this:
and let it run . . . until ctrl-C terminates the tunnel.ssh -L 1234:web.corp.com:80 mystation.corp.com "perl -e 'while(1) {sleep 30}'"
1234 is an arbitrary portnumber above the well known range. -L listen-port:host:port Forward local port to remote address. The perl bit is an endless loop. Use -C for compression if you like.
Now the secured webserver will magically appear as a fullblown _local_ webserver at port 1234. Point your browser locally at this port http://outside.flipperwald.tz:1234/
The secured webserver will see you as a user at mystation.corp.com.