The most popular way to get around a firewall is to set up what is called a tunnel. To tunnel basically means connecting a computer restricted by a firewall to an unrestricted computer outside the firewall, then using the internet access of the unrestricted computer via the restricted computer. The reason this works is simple; the firewall only sees what the restricted computer is accessing, which in this case is the ip of the unrestricted computer, but it doesn’t see what the unrestricted computer is accessing.

This will not work under the conditions that

1. There is only internal access and no external access.
2. All sites are blocked except a specific few.

So lock down those ports.