I was recommended Tinc VPN as currently being the best solution, and although I haven't tried it yet, I suggest you give it a shot first. Is your question about VPNs or about being able to run traffic over the filtered ports? The ports that your ISP have open become, therefore, irrelevant other than that you need a single available port to connect to the VPN in the first place. Inbound is very different for a VPN supplier. Does forwarding with iptables use the vpn tunnel?

