Comment by amenod

12 years ago

I am not an expert in this area, but from what I understand, firewalls keep a list of outbound connections. If an inbound connection comes from a known destination IP+port, it will be forwarded to the internal "source" IP+port.

This is how I understand it: if both A and B are behind firewalls, they use C to reach an agreement about the IPs and ports used. Then A sends a packet to B, which is silently dropped at B's firewall. Then B sends a packet to A; since it looks like an "answer" to the previous request, it is forwarded by A's firewall to A. Then A sends another packet to B, which is also forwarded by B's firewall to B. Voila, connection made. :)

Note that this is just my understanding, so I would appreciate it if someone more knowledgeable in this area would chime in.
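The three-packet exchange described in the comment above, as an added simulation that is not part of the original thread. It models each firewall exactly as the comment describes it: a table of outbound (inside endpoint, outside endpoint) pairs, with an inbound packet forwarded only when it looks like an answer to a remembered outbound one. The addresses, the `StatefulFirewall`/`Packet` names and the step-by-step messages are constructed for the example; the rendezvous server C is assumed to have already told A and B each other's IP:port and is not modelled.

```python
from dataclasses import dataclass, field
from typing import List, Set, Tuple

# Constructed addresses for the example: the IP:port each side will use,
# as agreed beforehand through the rendezvous server C (not modelled here).
A_ADDR = ("10.0.0.5", 40000)
B_ADDR = ("10.0.1.9", 50000)

Endpoint = Tuple[str, int]


@dataclass(frozen=True)
class Packet:
    src: Endpoint
    dst: Endpoint
    payload: str


@dataclass
class StatefulFirewall:
    """Minimal stateful firewall: remembers outbound (inside, outside) endpoint
    pairs and admits an inbound packet only if it matches a remembered pair
    in reverse, i.e. it looks like an answer to something the inside host sent."""
    name: str
    table: Set[Tuple[Endpoint, Endpoint]] = field(default_factory=set)

    def note_outbound(self, pkt: Packet) -> None:
        self.table.add((pkt.src, pkt.dst))

    def admits_inbound(self, pkt: Packet) -> bool:
        return (pkt.dst, pkt.src) in self.table


def deliver(pkt: Packet, sender_fw: StatefulFirewall,
            receiver_fw: StatefulFirewall, log: List[str]) -> bool:
    """Push one packet out through the sender's firewall and into the
    receiver's. Returns True if the receiver's firewall forwarded it."""
    sender_fw.note_outbound(pkt)  # sender's firewall records the outbound flow
    src = f"{pkt.src[0]}:{pkt.src[1]}"
    if receiver_fw.admits_inbound(pkt):
        log.append(f"{receiver_fw.name}: forwarded {pkt.payload!r} from {src}")
        return True
    log.append(f"{receiver_fw.name}: silently dropped {pkt.payload!r} from {src}")
    return False


def hole_punch(log: List[str]) -> List[bool]:
    """The exchange from the comment: A->B (dropped), B->A (forwarded), A->B (forwarded)."""
    fw_a = StatefulFirewall("A's firewall")
    fw_b = StatefulFirewall("B's firewall")
    results = []
    # 1. A -> B: B's firewall has no matching entry and drops it, but A's
    #    firewall now has an entry that makes B's reply look legitimate.
    results.append(deliver(Packet(A_ADDR, B_ADDR, "hello from A"), fw_a, fw_b, log))
    # 2. B -> A: matches A's entry from step 1, so A's firewall forwards it;
    #    B's firewall records the outbound flow to A.
    results.append(deliver(Packet(B_ADDR, A_ADDR, "hello from B"), fw_b, fw_a, log))
    # 3. A -> B: now matches B's entry from step 2, so B's firewall forwards it.
    results.append(deliver(Packet(A_ADDR, B_ADDR, "hello again from A"), fw_a, fw_b, log))
    return results


def no_punch(log: List[str]) -> List[bool]:
    """Counter-case: if only A ever sends, nothing gets through, however often it tries."""
    fw_a = StatefulFirewall("A's firewall")
    fw_b = StatefulFirewall("B's firewall")
    return [deliver(Packet(A_ADDR, B_ADDR, f"attempt {i}"), fw_a, fw_b, log)
            for i in range(3)]


if __name__ == "__main__":
    trace: List[str] = []
    print("hole punch:", hole_punch(trace))
    print("\n".join(trace))
    trace = []
    print("one-sided:", no_punch(trace))
    print("\n".join(trace))
```

The `no_punch` function is there to show the point the comment is making: the first packet from A is wasted either way, and what opens B's firewall is B sending first in the other direction, not A retrying.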