there are 3 options:
- make a server on the client and implement services on it - stumble on NAT, proxy
- periodically request the server, holding the connection or not (comet, long polling, etc. - watch server push)
- web sockets, when the initial HTTP connection is from client to server is held and switched to full duplex.
protected as always by ssl

You are very timely. I was about to go to bed after reading the Cisco tutorial. Let's start with the fact that when working with NAT, routers change the sender address and sender port in the frame at the TCP ip protocol level to a random port that is recorded in special tables. When an application responds to a user request, it actually also sends a packet to the IP address specified in the transport headers. That is, in fact, when the client sent a request, work through the client NAT port can still be done for some time.
By the way, in general, all this is called two-way handshake using flags, etc.
Read about the OSI model and in particular TCP/IP, session creation, etc.
I hope I helped in any way I could.
As for the web server and service, what you say here is preferably a service, although under apache there are web sockets and an extension for php that allows you to do just that.

There is a special type of http requests - CONNECT - it does not break after data transfer.
The problem is that not all routers will agree to support this request outside the ssl session (it is just implemented through a "wrapper" in this type of request).
You can still do it differently - “drag out” the session.
If your server is not in php (you will not receive variables until the entire request body arrives), but with the ability to read the data stream directly from the client, then you can proceed as follows:
The client establishes a normal POST connection, but does not send the entire body, but in "portions", large buffers (8k - by default).
The server, having received the request header, begins to read data "on arrival" from the client, continuously polling the socket, processes the "portions" and outputs the result to the output stream.
The client receives data, processes and sends the next "portions".
In general, everything is very similar to downloading a large file from letitbit.
This method works well, but it looks like a "hung" connection to the proxy, and they can "break" it.

The client periodically connects to the server and checks if there is anything new and interesting for it. In general, there is no other way.
In a particular case, you can forward the port through NAT and connect to the client as a server.

If your system works over the HTTP protocol, then there are a whole bunch of options: from Comet and WebSocket to banal RSS feeds.
If everything works at a lower level, then feel free to take UDP or TCP; and NAT is not a problem here: the gaming industry has long been able to deal with this .