I want to let computers on LAN1 connect to port 7000 (a win tcp/ip server) of a computer located in a subnet of LAN2.
The network layout is like this:
The task is more precisely: any machine on subnet1 of LAN1 should be allowed to connect to port 7000 of a machine (192.168.0.67) on subnet2 of LAN2, whilst going through three servers doing firewall and nat.
I could establish a working natd redirect rule on server3 to redirect 192.168.0.67:7000 to 192.168.226.2:7000. So, I can connect to 192.168.0.67:7000 via 192.168.226.2:7000.
I tried a chain of port redirections, but no furher port redirections seem to work.
I wonder if I could use ssh port forwarding for the task, as ssh is on servers 1, 2 and 3 (but it is not on the windows server 192.168.0.67).
I already made some attempts with ssh port forwarding, too, with no success. (I think I could not grasp the principles of ssh port forwarding, since I could not establish even the simplest one inside LAN2)
Could you help me?

I had a little success in port forwarding in the meantime. I issued the following command on serverA:
ssh -L8080:serverB:80 serverB

Now, when I am logged into serverA, I can connect to localhost:8080 and see the web page on serverB.

This, however only works on localhost, and I cannot do the most important: connect to serverA:8080 and see serverB:80 there.
When I tried to connect to serverA:8080 from any other host, my browser gave me "page unavailable" error.

So, is it possible to setup a secure tunnel with ssh between two servers so that clients can make use of the tunnel?
I mean: a client close to serverA connects to serverA:8080, but it actually connects to serverB:80 via the ssh tunnel (port forwarding).