firewall on separate machine (gateway) - what ports to open?

[Thaufawuf7 0]

​Hello.
I started having problems after putting my client machine behind a gateway. For the sake of clarity, this is a firewall question, but the firewall is on a separate machine. The gateway is blocking everything by default, so I have to open any ports/addresses explicitly.
I have seen instructions on how to make AirVPN work with a firewall, but those instructions depend on the admin's  ability to allow connections to/from the 'tun' interface, which is not doable in my case for the above reason.
I am using plain OpenVPN through the command line - i.e., 'openvpn servname.ovpn'. Again, it works with the gateway down.
I did some traffic monitoring and found that the client uses port 443 on the serrver. Well, not surprising, given that that port number is in the .ovpn file. However, while I didn't notice any other packets, after allowing communication to/from port 443 on the server, I still can't complete an AirVPN connection. Since I'm using command line, I can see that the process freezes at the 'control channel authentication' stage. Specifically, I'm getting TLS errors.

Could someone shed some light on what else I need to open, please?