Most routers have so-called NAT-functionality. It will let you access a remote server on any port, as long as the initial request for connection is originating from a computer behind the router. No configuration of the router should be necessary.
Most firewalls would per default block any outgoing connection from any program if the user has not accepted that this actual program is allowed to connect. Most "personal firewalls" would pop-up a question for the user whether connection should be allowed this time only, always, or never. There will be a GUI where to edit such "firewall-rules". Corporate hardware-based firewalls may need to be configured for users to reach certain ip-addresses, domain-names and use the MySQL port (3306).
The Windows XP built-in firewall does not interfere with outgoing traffic from your computer - basically it monitors incoming traffic only.
However if you connect with SQLyog to a MySQL server running on your 'localhost' most firewalls will consider this as "incoming traffic" since connection is established using the TCP-protocol. That is also true for the Windows XP firewall. Most firewalls will then ask user whether a "firewall rule" should be created that allows connection to the local server. However we have reports that the popular freeware firewall Zonealarm does not always. Then you must configure it yourself from the configuration menu.
In case of very restrictive security settings within an organization there is always the option to use HTTP-tunneling. That is always possible if you can reach the Internet with your browser. In some companies they only allow some specified user-agent for HTTP request. SQLyog sends the user-agent value similar to IE.