You are correct that you need NAT punch-through to get through residential NAT routers, if you don't want to require port forwarding.
You can read about it in <a href='http://www.mindcontrol.org/~hplus/nat-punch.html'>my article on NAT punch-through</a> or in the chapter about the same thing in Game Programming Gems 5. You can also google for other resources.
Note that NAT punch-through generally works best for UDP networking, but the theory also works fine for TCP connections using "simultaneous open." In practice, that's less often actually successful than UDP, though, depending on implementation specifics of residential NAT routers.