
Archive for the ‘Obscure’ Category

Working with a Hostile Intranet Environment

February 22nd, 2008 by matt | No Comments | Filed in Obscure

Scenario
Your favorite computers are all on a corporate network, which is surrounded by a firewall restricting inbound traffic, but not outbound traffic. However, in an effort to reduce productivity, Mordac, preventer of IT services, has installed additional firewalls that separate groups of machines on the inside of the outermost firewall.

Diagnostics aka Port Scanning
You presumably control both machines that you want to talk to each other.  If you don’t, then this is hacking.  If you do control both of them, then this is diagnostics. PortQry from Microsoft is one utility you will likely be able to use.

e.g.
portqry -n intranetserver -e 433
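The useful thing about portqry is that it distinguishes three outcomes, LISTENING, NOT LISTENING and FILTERED, and the difference between the last two is what tells you whether Mordac's firewall is in the way or the service simply isn't running. The following added example (my own code, not something from the post or from Microsoft) does the same classification in Python for machines you control: a refused connection means the host answered, a silent timeout means something in the path is dropping the SYN. The local listener helpers exist only so it can be exercised offline against 127.0.0.1.

```python
import socket
from typing import Dict, Iterable, Tuple

# Classification mirrors portqry's three outcomes (LISTENING / NOT LISTENING / FILTERED).


def check_tcp_port(host: str, port: int, timeout: float = 2.0) -> str:
    """Attempt a full TCP connect to host:port and classify the result.

    listening      - handshake completed; a service accepts connections.
    not listening  - the host sent RST: reachable, but nothing is bound on that
                     port, so no firewall is blocking it.
    filtered       - no reply before the timeout; a firewall in the path is most
                     likely dropping the SYN silently.
    error          - name resolution or routing failure, a different problem
                     from a firewall rule.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "listening"
    except ConnectionRefusedError:
        return "not listening"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except OSError:
        return "error"


def check_targets(targets: Iterable[Tuple[str, int]],
                  timeout: float = 2.0) -> Dict[Tuple[str, int], str]:
    """Run check_tcp_port over (host, port) pairs; results keyed by target."""
    return {(host, port): check_tcp_port(host, port, timeout)
            for host, port in targets}


def start_local_listener() -> Tuple[socket.socket, int]:
    """Bind a throwaway listener on 127.0.0.1 (OS-assigned port) so the check
    can be exercised offline. Returns the socket (close it when done) and port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


def find_closed_local_port() -> int:
    """Bind and immediately release a port; with high probability nothing
    listens on it afterwards, so a connect to it should be refused."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    # Offline demo: one open port and one closed port on the loopback interface.
    srv, open_port = start_local_listener()
    try:
        results = check_targets([("127.0.0.1", open_port),
                                 ("127.0.0.1", find_closed_local_port())],
                                timeout=1.0)
    finally:
        srv.close()
    for (host, port), status in results.items():
        print(f"{host}:{port}\t{status}")
```

Against a real intranet target, a "filtered" result for a port that "not listening" on its neighbour tells you the rule sits on a firewall between the two segments rather than on the host; that is the piece of evidence to bring to whoever owns the firewall.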

Options
Reconfigure the firewall.  Inside a firewall, additional firewalls on the intranet are security overkill.  It means you have untrusted machines on the network.  Moving those outside of the intranet and re-opening the ports internally is the best option. However, not all network admins give a rat’s ass about your project or know how to configure the firewall they installed.

Reconfigure to use what is open. Some ports can be expected to be open on all machines, for example the LDAP and Kerberos ports, without which machines can’t authenticate.  You can also expect VNC or RDP ports to be open, else Mordac would have to get off his fat ass and visit machines in person to work help desk tickets.  These ports still might not be open for the pair of computers you are interested in, or in the direction you are interested in.

VPN and other tunnels.   Hamachi and PuTTY/ssh are examples.  Hamachi is easy to use, but requires a 3rd party on the internet to enable your traffic.  PuTTY doesn’t require a 3rd party, but is challenging to configure and use.

Remote desktop/VNC.  If that fails, depending on the scenario, you might just want to see if RDP or VNC is available.  If you can’t copy the file from there to here, maybe it is enough to read it through RDP.

Proxy.  Proxies are an edge case.  If you have three machines on a network, A, B, C, where A can’t talk to C, but A-B and B-C work, then you can set up a proxy for the traffic from A to C.
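Here is what that A-B-C proxy looks like as a plain TCP relay running on B, written as an added example (my own code, not from the post). It accepts a connection from A, opens its own connection to C, and pumps bytes in both directions. The relay is restricted to an allow-list of source addresses so that B does not turn into a general hop for every other host that can reach it, which is the first thing Mordac will object to. The echo server stands in for C and the `exchange` function stands in for A, so the whole thing runs offline on 127.0.0.1; in real use you would bind the relay to B's intranet address and point `target` at C.

```python
import socket
import threading
from typing import Optional, Set, Tuple


def _pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes from src to dst until src reaches EOF, then pass the EOF on
    as a half-close so the far side knows the request is complete."""
    try:
        while True:
            chunk = src.recv(4096)
            if not chunk:
                break
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def _bridge(client: socket.socket, upstream: socket.socket) -> None:
    """Run the two pumps for one connection, then close both sockets."""
    back = threading.Thread(target=_pump, args=(upstream, client), daemon=True)
    back.start()
    _pump(client, upstream)
    back.join()
    client.close()
    upstream.close()


def start_relay(listen_host: str, listen_port: int, target: Tuple[str, int],
                allowed_sources: Optional[Set[str]] = None
                ) -> Tuple[socket.socket, int]:
    """Runs on B. Accepts connections on listen_host:listen_port (0 = any free
    port), connects to target (C) and relays bytes both ways. When
    allowed_sources is given, connections from any other address are dropped
    immediately, so only A can use B as a hop."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((listen_host, listen_port))
    srv.listen(5)

    def accept_loop() -> None:
        while True:
            try:
                client, addr = srv.accept()
            except OSError:
                return  # listening socket closed: relay shut down
            if allowed_sources is not None and addr[0] not in allowed_sources:
                client.close()
                continue
            try:
                upstream = socket.create_connection(target, timeout=5)
                upstream.settimeout(None)  # connect timeout only, not per recv
            except OSError:
                client.close()  # C unreachable from B: refuse rather than hang
                continue
            threading.Thread(target=_bridge, args=(client, upstream),
                             daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def start_echo_server() -> Tuple[socket.socket, int]:
    """Stand-in for C: echoes each connection's bytes back, then closes it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                while True:
                    data = conn.recv(4096)
                    if not data:
                        break
                    conn.sendall(data)

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def exchange(host: str, port: int, payload: bytes, timeout: float = 5.0) -> bytes:
    """Stand-in for A: send payload, half-close, return whatever comes back
    (empty bytes if the relay refused or reset the connection)."""
    out = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(payload)
            s.shutdown(socket.SHUT_WR)
            while True:
                chunk = s.recv(4096)
                if not chunk:
                    break
                out += chunk
    except OSError:
        pass
    return out


if __name__ == "__main__":
    c_srv, c_port = start_echo_server()                                  # C
    b_srv, b_port = start_relay("127.0.0.1", 0, ("127.0.0.1", c_port))  # B
    print(exchange("127.0.0.1", b_port, b"hello C, via B"))              # A
```

The half-close handling in `_pump` matters more than it looks: without passing `SHUT_WR` along, a protocol that waits for EOF (the echo server here, or anything request/response over a single connection) stalls on one side of the relay and you spend an afternoon blaming the firewall.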

Integrated Security and Kiddie DOS Attacks

February 7th, 2007 by matt | No Comments | Filed in Authentication, Obscure

This morning my PC says my account is locked out.  Apparently, when I connect to my office by VPN, something on my computer was repeatedly trying to log into my computer using my name, Matthew Martin.  The password and domain were wrong, so Windows XP helpfully locked out my account, which I admit was the behavior I told it to have.  I set a limit of something like 1000 failed logins before lockout.  On the “Welcome Screen”, there is no obvious way to log in as administrator.  Guess what feature I plan to start turning off on all the XP machines I come across?  That’s right.  Someday I’m going to need to tell someone in my family how to log on as administrator and they are going to be at a “Welcome Screen” without administrator on the list.  I managed to log on by using remote desktop.  I unlocked my account and found out that MYWORKDOMAIN\Matthew Martin had been attempting to log on about every minute or so all night.

The failed logons continue.  Where could they be coming from?  If VPN is turned off, the logons stop.  Currently, I think the culprit is SQL Server Management Studio, which will send an ‘Are you alive’ connection attempt to every server on your list. It could also have been remote desktop or file sharing; I can’t really prove anything.

If the remote server is in a WORKGROUP and not a domain machine and the user names are the same, then a polling app can easily lock out an account just by repeatedly attempting to log into a remote machine.  As long as the logon type = 3, there don’t appear to be any limits on the remote machine.
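The way to catch this before the lockout fires is to watch the failed-logon events on the machine being hammered and count them per account and source inside the lockout policy's observation window, flagging anything that is on its way to the threshold and noting whether the attempts are network (type 3) logons. The following is an added example of that detection logic, my own code rather than anything from the post. The log lines are a constructed pipe-delimited format (timestamp, event ID, logon type, DOMAIN\user, source workstation), not the real Event Log export format, and the source name VPN-CLIENT and the svc_backup account are made up; the MYWORKDOMAIN\Matthew Martin pattern and the once-a-minute cadence are the ones from the post. Event ID 529 is the Windows 2000/XP/2003 failed-logon event and 4625 its Vista-and-later equivalent.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Iterable, List, Optional, Tuple

# 529 = "Logon Failure: Unknown user name or bad password" (2000/XP/2003),
# 4625 = the same event on Vista and later. Type 3 is a network logon, which is
# how file sharing, remote desktop pre-auth and SQL Server's probes arrive.
FAILED_LOGON_EVENTS = {529, 4625}
NETWORK_LOGON = 3

# Constructed sample, not a real Event Log export. One account failing roughly
# every minute from one source, a successful logon (540) that must be ignored,
# and a second account with two failures far enough apart not to matter.
SAMPLE_LINES = [
    "2007-02-07 02:00:11 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:01:09 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:02:12 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:03:10 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:04:08 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:05:11 | 529 | 3 | MYWORKDOMAIN\\Matthew Martin | VPN-CLIENT",
    "2007-02-07 02:05:40 | 540 | 3 | MYWORKDOMAIN\\svc_backup | FILESERVER",
    "2007-02-07 03:10:00 | 529 | 2 | MYWORKDOMAIN\\svc_backup | FILESERVER",
    "2007-02-07 04:30:00 | 529 | 2 | MYWORKDOMAIN\\svc_backup | FILESERVER",
]


@dataclass(frozen=True)
class FailedLogon:
    when: datetime
    event_id: int
    logon_type: int
    account: str   # DOMAIN\user exactly as the client presented it
    source: str    # workstation name the attempt came from


def parse_line(line: str) -> Optional[FailedLogon]:
    """Parse one line of the constructed format; None for anything that is
    not a failed logon (successful logons, malformed lines)."""
    fields = [f.strip() for f in line.split("|")]
    if len(fields) != 5:
        return None
    when, event_id, logon_type, account, source = fields
    if int(event_id) not in FAILED_LOGON_EVENTS:
        return None
    return FailedLogon(datetime.strptime(when, "%Y-%m-%d %H:%M:%S"),
                       int(event_id), int(logon_type), account, source)


def peak_failures(events: Iterable[FailedLogon],
                  window: timedelta) -> Dict[Tuple[str, str], int]:
    """Per (account, source): the most failures seen inside any sliding window
    of the given length. Sliding, because a lockout policy counts failures
    within its 'reset counter after' interval, not per calendar hour."""
    by_key: Dict[Tuple[str, str], List[datetime]] = defaultdict(list)
    for e in events:
        by_key[(e.account, e.source)].append(e.when)
    peaks: Dict[Tuple[str, str], int] = {}
    for key, times in by_key.items():
        times.sort()
        recent: deque = deque()
        best = 0
        for t in times:
            recent.append(t)
            while t - recent[0] > window:
                recent.popleft()
            best = max(best, len(recent))
        peaks[key] = best
    return peaks


def lockout_risks(lines: Iterable[str], threshold: int,
                  window_minutes: int = 30) -> List[dict]:
    """Accounts whose failure rate from one source reached the threshold
    within the window, with a flag for whether the attempts were network
    logons (the case the post describes, where the remote side never throttles)."""
    events = [e for e in map(parse_line, lines) if e is not None]
    peaks = peak_failures(events, timedelta(minutes=window_minutes))
    types: Dict[Tuple[str, str], set] = defaultdict(set)
    for e in events:
        types[(e.account, e.source)].add(e.logon_type)
    return [{"account": acct, "source": src, "peak": n,
             "network_logon": NETWORK_LOGON in types[(acct, src)]}
            for (acct, src), n in sorted(peaks.items()) if n >= threshold]


if __name__ == "__main__":
    # Threshold 5 is a constructed value for the demo, far below the ~1000 in the post.
    for r in lockout_risks(SAMPLE_LINES, threshold=5):
        print(r)
```

Set `threshold` to a fraction of the real lockout limit and run this over the Security log before the limit is reached; a single source hitting one account on a clock-like cadence with logon type 3 is the signature of a polling client with a stale credential, not of a person typing passwords.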