@tollingalo
I think you understood it 100% right.
But I don't know how you mean "cannot be done".
Maybe you mean "cannot be done with the ssh client".
Statement:
I think technically in general it can be done.
Argumentation:
Because if mediator would have SSH, this would be possible - I've tested it:
user@mediator$ ssh -L 4000:localhost:2000 server
user@client$ ssh -L 6000:localhost:4000 mediator
user@client$ application localhost 6000
Implication:
So technically I see no limit to write a software which
1) would run on mediator
2) would map the only locally accesible port 4000 to a very normal also remotely accessible port 6000 which could be accessed by client
But maybe you mean that you don't know any software which could do that.
Maybe you're right. I also don't know anyone - hence I asked here.
Thanks for your help!
Maybe someone else has an idea?