If by WAN-
IP means Internet accessible
IP then you don't even need STUN or any sort of tunneling/forwarding, STUN and TURN and other protocol used for either bypass the NAT and firewall restriction or to provide privacy (hide
IP's from each others) in case peer-peer connection.
So what you are saying is that if I run Websocket server behind a firewall that blocks all incoming connections to the corporate network and isn't configured to route incoming traffic to the right computer in the corporate network, with websockets it would just work I get to bypass the firewall and all clients that are runing on the mobile phones get connections to that server application?
It sound's kinda too good to be true.