Install advise for locked down network


We have a heavily locked down network, I can't tftp boot new builds because
ports are blocked. I am using the foreman_boot disk plugin to work around
the lack of open tftp ports, however I am presented with another problem,
now my new builds need to get their boot file from Foreman over port 80,
this is also locked down. However, I have another host that does have ports
80 open for all hosts, I have added it as a Smart Proxy to Foreman. Can I
tell my new builds to get their boot files over port 80 from the Smart
Proxy instead?

My setup is like this.

Foreman Host = New builds cannot reach this over port 80
Smart ProxyA = Port 80 open to new builds
Smart ProxyB = Port 8140 open to new builds

Currently my boot file is I'd
like it to be http://smartproxyA/unattended/gPXE as then my new builds can
hit the boot file and life is good.

Is this possible? Or is there an alternative?

I see the Smart Proxy can act a tftp proxy but how about for gPXE/iPXE?

Thanks (again guys),