First of all: You cannot tunnel RDP directly through a proxy. RDP doesn’t speak any HTTP(S) to make the proxy connect to the RDP-Server or anything else. So you’ll need an application, that surrounds this RDP datachannel with HTTP, prefferable HTTPS. I found prtunnel for my Mac on DarwinPorts. This software allows you to tunnel anything you want through an http/socks proxy by connecting to the proxy, making it connect (by sending HTTP commands) to the preffered host and open a local port for the application (e.g. rdesktop) to connect. Good, so let’s connect using prtunnel to myrdpmachine.com:3389 and be happy! – NAH. As soon as you’ll try that you’ll see that it’s not that simple. Most http-proxies do not allow CONNECTs to other ports than 80/443. So you can either set up your RDP daemon to use that port – never found that option in Windoze – or you can use an SSH jumphost, since it’s pretty simple to change the SSH port to 443. So, you connect with prtunnel to your SSH machine on port 443, where the SSH daemon runs, open an SSH tunnel through that machine to the myrdpmachine.com port 3389 and connect with your RDP client on localhost:. Okay, let’s stop the theory and begin with the practice:

Open three terminals and execute the following command on the first one:

prtunnel -V -t http -H 'proxy address' -P 'proxy port' \
'port on local machine' 'remote host to connect to over proxy' \
'remote port, put SSHd on 443'

Then, terminal #2 gets the following command: ssh -L’local tunneling port’:'destination host’:'destination port’ -p ‘local port to connect to, the same given at prtunnel’ ‘user’@localhost
After that you can hapily run your rdesktop localhost:’local tunneling port’ and start RDPing. To make the stuff even more clear, here a concrete example:

prtunnel -V -t http -H 192.168.111.2 -P 3128 13337 192.168.111.3 443
ssh -L13338:192.168.111.24:3389 -p 13337 root@localhost
rdesktop localhost:13338

That’s all the magic. Though, you need to pay attention when selecting your ports, because of course only free ports will work and you really should try to keep them higher than 1024 unless you want to become root. Also you need to remember that running an RDP session over HTTP(S) might get the attention of a firewall or whatever monitoring application is available in that network. “Abnormal behaviour” – you’d never get such an 50:50 up- and downtraffic unless you run some peer-2-peer application or remote desktops.

But of course you can modify the commands and use it to be able to connect to let’s say Jabber from a network where only 80/443-outgoing is available – all you need is a jumphost.