September 25, 2014

ssh tunnel (port forwarding) through multiple hosts

Sometimes you need to connect from your Windows/Linux desktop to a service/port that sits behind multiple DMZ hosts to which you have only SSH access. SSH tunneling to the rescue: you can configure tunnels across a PuTTY session, all the way to your end host.

Here is an example:
In this scenario I use the X server as the example service. The goal is to connect from a Linux host, which is behind two DMZ/firewall hosts, to the X server running on my Windows desktop.

See the diagram below to understand the flow of traffic.
The PuTTY configuration on the Windows desktop is shown below.

As shown above, enter the tunnel configuration in PuTTY's SSH -> Tunnels settings tab, click Add, and then ssh into the GW1 host.

Once on GW1 host: run "ssh -R 6002:127.0.0.1:6001 user@GW2"
Once on GW2 host: run "ssh -R 6003:127.0.0.1:6002 user@destination"

Now you are logged on to your destination host via ssh with all tunnels set up, so local port 6003 on the destination host gets forwarded to port 6000 on your Windows host.

So simply setting the DISPLAY variable to localhost:3.0 makes xterm go live! Similarly, you can do port forwarding in the reverse direction with "ssh -L".
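The port arithmetic of the steps above, as an added example that is not part of the original post: it generates the per-hop "ssh -R" commands, derives DISPLAY from the final port, and flags forwarded ports that listen on a non-loopback address (remote forwards bind to loopback unless sshd's GatewayPorts is enabled). The function names are hypothetical and the `ss -ltn` output is a constructed sample.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# chain_commands FIRST_PORT HOP...
# FIRST_PORT is the port the first tunnel already opened on the first gateway
# (6001 in the post). Prints one "ssh -R" per further hop, one port higher each.
chain_commands() {
    port=$1; shift
    for hop in "$@"; do
        next=$((port + 1))
        echo "ssh -R ${next}:127.0.0.1:${port} ${hop}"
        port=$next
    done
}

# display_for_port PORT: X display N listens on TCP 6000+N, so 6003 -> :3.0
display_for_port() {
    if [ "$1" -lt 6000 ] || [ "$1" -gt 6063 ]; then
        echo "port $1 is outside the X11 TCP range 6000-6063" >&2
        return 1
    fi
    echo "localhost:$(($1 - 6000)).0"
}

# exposed_listeners PORT: reads `ss -ltn` output on stdin and prints every
# listener on PORT whose bind address is not loopback.
exposed_listeners() {
    awk -v p="$1" '$1 == "LISTEN" {
        addr = $4
        n = split(addr, parts, ":")
        if (parts[n] != p) next
        host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
        if (host != "127.0.0.1" && host != "[::1]") print addr
    }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:6003      0.0.0.0:*
LISTEN 0      128          0.0.0.0:6002      0.0.0.0:*'

chain_commands 6001 user@GW2 user@destination    # the two commands from the post
display_for_port 6003                            # value to export as DISPLAY
printf '%s\n' "$SAMPLE_SS" | exposed_listeners 6002   # reachable beyond loopback
```

On a real gateway, pipe live output instead: `ss -ltn | exposed_listeners 6002`.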
