Many organizations need to make Distributed COM work across a firewall. I won't dive into all the details in this book, but you should know that you can configure the Registry to enable Distributed COM across many types of firewall software. When the client-side SCM contacts the SCM on the server, the two communicate over port 135. When an object is bound to a client, the system dynamically allocates a different port for the connection from a fairly wide range of available ports.
The trick to making Distributed COM work across a firewall is to configure the firewall software to allow external clients to communicate across all the needed ports. This typically involves modifying the Registry to limit the ports that are dynamically allocated during activation. It also involves configuring the firewall software to make these ports accessible to external clients. If you need more information, you can consult an excellent online resource provided by a benevolent developer named Mike Nelson. Nelson maintains a white paper at http://www.microsoft.com/com/wpaper/dcomfw.asp that can give you a head start in configuring your environment.