If the other party can set up port forwarding (or doesn't use NAT), you're all done. A TCP connection is always duplex-capable.
If that's not possible, you could resort to "Hole Punching", a technique that tricks NAT devices into allowing an "incoming" connection, with the help of a universally reachable third party.
Taken from the linked article, the basic principle:
- Peer A sends a SYN to Peer B
- Peer B sends a SYN to Peer A
- When NAT-a receives the outgoing SYN from Peer A, it creates a mapping in its state machine.
- When NAT-b receives the outgoing SYN from Peer B, it creates a mapping in its state machine.
Both SYN cross somewhere along the network path, then:
- SYN from Peer A reaches NAT-b, SYN from Peer B reaches NAT-a
- Depending on the timing of these events (where in the network the SYN cross),
at least one of the NAT will let the incoming SYN through, and map it to the internal destination peer
Upon receipt of the SYN, the peer send a SYN+ACK back and the connection is established.
Have you checked if UPnP works? UPnP is a protocol for port forwarding, and if you're lucky, it works even if the ISP doesn't tell you about it. – nitro2k01 – 2014-03-21T09:31:21.763