I was getting tired of ssh'ing through bastion hosts to get to devices on my lab test network from my laptop when at home, so I googled for "ssh proxy." The best option in the first 10 results turned out to be a program I wrote, called sshuttle. Duh.
Anyway, I initially discarded that option because I haven't maintained sshuttle for a long time and it didn't work with newer versions of MacOS. Looking closer, however, it turns out that someone has picked up maintenance (and you can get it from https://github.com/sshuttle/sshuttle) and it now works great on the latest MacOS, in fact.
Then all you have to do is use the Chrome Secure Shell extension to port forward eg. port 2222 to a real Linux box (in my case, the lab bastion host) on the corp network, and run:
sshuttle -vNHr localhost:2222
The -H auto-discovers hostnames from /etc/hosts (and other places), while -N auto-discovers local subnet routes that match the lab network.
After that, you can ssh "directly" to any of the attached hosts.
I'm slightly boggled that open source has turned out to be so useful. I should abandonware my projects more often! (*)
(*) Hah, like I could do it more often
ssh+2FA to all your machines, anywhere, without opening firewall ports.