A technique for establishing communications between two parties in separate organizations who are both behind restrictive firewalls. Used for applications such as online gaming and voice over IP (VoIP), both clients establish a connection with an unrestricted third-party server that uncovers address information for them. Since each client initiated the request to the server, the server knows their IP addresses and port numbers assigned for that session, which it shares one to the other. Having valid port numbers causes the firewalls to accept the incoming packets from each side (see
PAT). "TCP hole punching" uses the TCP protocol rather than UDP. See
UDP,
TCP/IP and
VoIP.