If the management server is not behind that firewall, then you can use "cprid_util" tool and connect to the gateway over SIC.
This is why disaster recovery solutions are MUST HAVE in place:
1. Working console connection (if console server is behind FW, NEVER put console server behind the firewall which you want to connect). The same applies to LOM.
2. Scheduled daily backup OUTSIDE of the box (Storage, NAS). In case of management - migrate export, mds_backup
3. Deploy cluster environments (2 cluster members minimum).
4. If possible, rack members in different rooms/racks/buildings/countries.
5. Management traffic should go via External interface, or dedicated interface (not via VPN).
6. Proper monitoring including syslog server in place (monitoring of RAID, PSUs, FANs, ...).
7. Create local users.
8. Do snapshot before a major change.
9. Test revert and restore periodically.
10. Document every change you did to the system and let the change be approved by someone else (more brains, fewer problems). Document also all passwords used (SIC, S2S secrets, local user passwords).
10. Reboot box every half a year.