You make a good point. Port forwarding is probably not needed but opening port 1700 is. This requires IT involvement on a typical company network. I was not aware that MQTT had been rolled out - but now I see the post - thanks. MQTT needs port 1883 opened so that raises the same issue.
Bottom line is that unless the gateway packet forwarder looks like a typical http browser on port 80 or 443, chances are it is not going to work and IT will need to get involved. This is a big hurdle for easy deployment.