A system and method are described for allowing bidirectional network
traffic to pass through a network address translation ("NAT")/firewall
device, so that traffic can flow between the private side and the public
side of the NAT/firewall device while security between the public side
and the private side is maintained. A network processing system on the
public side of the
NAT/firewall device anchors network traffic to and from the private side
of the NAT/firewall device. A traversal client resides on the private
side of the NAT/firewall device and has a secure connection with the
network processing system. The traversal client is operable to pass
signaling packets from the network processing system to a terminal on
the private side of the NAT/firewall. The traversal client is also
operable to send test packets through the NAT/firewall to create the
allocations in the NAT/firewall that allow the bidirectional traffic to
pass from the public side to the private side.
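
The allocation behaviour described above, as an added example that is not part of the original abstract: a toy model of a NAT/firewall in which a test packet sent from the private side creates the allocation that later admits traffic from the network processing system, and only from it. The address-and-port-restricted filtering rule, the idle timeout, and all class names, function names and addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ALLOCATION_TTL = 30.0  # assumed idle timeout (seconds); real devices vary

@dataclass
class NatFirewall:
    """Toy address-and-port-restricted NAT/firewall (constructed model)."""
    public_ip: str
    next_port: int = 40000
    # (private endpoint, remote endpoint) -> (public port, expiry time)
    allocations: dict = field(default_factory=dict)

    def outbound(self, src, dst, now):
        """Private-side packet: create or refresh the allocation for (src, dst)."""
        entry = self.allocations.get((src, dst))
        if entry and entry[1] > now:
            port = entry[0]
        else:
            port, self.next_port = self.next_port, self.next_port + 1
        self.allocations[(src, dst)] = (port, now + ALLOCATION_TTL)
        return (self.public_ip, port)

    def inbound(self, src, public_port, now):
        """Public-side packet: forwarded only if a live allocation names this sender."""
        for (private, remote), (port, expiry) in self.allocations.items():
            if port == public_port and remote == src and expiry > now:
                return private
        return None  # no matching allocation: dropped

def demo():
    nat = NatFirewall("203.0.113.1")
    private_ep = ("10.0.0.5", 5004)      # private-side endpoint (constructed)
    anchor = ("198.51.100.10", 20000)    # network processing system (constructed)
    stranger = ("192.0.2.77", 20000)     # unrelated public host (constructed)
    out = {"before": nat.inbound(anchor, 40000, now=0.0)}
    out["mapped"] = nat.outbound(private_ep, anchor, now=1.0)  # test packet
    port = out["mapped"][1]
    out["anchor"] = nat.inbound(anchor, port, now=2.0)
    out["stranger"] = nat.inbound(stranger, port, now=2.0)
    out["expired"] = nat.inbound(anchor, port, now=40.0)
    return out

if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step:9} -> {result}")
```

The "expired" step shows why test packets have to be repeated in this model: once the allocation times out, even the anchoring system's traffic is dropped again.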