http-tunnel.sourceforge.net/

An HTTP tunnel is an option, but although you didn't ask for anything else, I would suggest doing a DNS tunnel.
Because since there is a need for an http tunnel, it means that access to the world (tunneling) is “administratively” prohibited (but technically, this can probably be bypassed). But there will be an attack if they notice. And it is found very easily, I think. Or if they look at at least some statistics by proxy, or if they just accidentally look into the log. Visible to the naked eye. The fact is that with an HTTP tunnel, as I understand it, you will have 1 HTTP request per 1 packet. For example, this modest page (your question in QA) was downloaded by me in 54 packages. That is, through the tunnel, the load would be 50 times greater. On other pages, this ratio may be even higher. Launched ICQ or Skype through a tunnel - this is still then constant http requests. As a result, it turns out that you alone create requests (and even strange looking requests) so much, how many average office sizes in total. A casual look at the logs - and half of the requests will be yours, which will arouse curiosity. And your gateway server, according to statistics, will be the most visited among all employees who go through the gateway (after all, they went to some server and left. And you have any network operation - this is a lot of requests to one of your servers).
In general, I would advise you to initially think about DNS tunneling. The costs are the same - virtserver + domain (even though the third level). There is a huge plus in the fact that usually DNS queries are not logged anywhere and are not viewed, if there are absolutely no oddities observed.

Look at the version from my article , maybe it will suit you with some changes.

The issue is resolved by installing proxifier to the corporate server. And then we break into an open world proxy.