I don't know what the network configuration is, but many corporate networks use proxies that only allow these ports.
More open configurations that allow any OUTGOING traffic but only allow specific INCOMING traffic need to have uPnP configured, or it might not work. Without uPnP enabled the router needs to be specific configured to forward certain ports to the specific IP address of the iPhone, which can cause problem when the IP is dynamic.
You're probably right - I didn't think of that. We don't allow any traffic to non-80/443 ports on WiFi that's not via a VPN. Ah well. Maybe when the IT director gets his iPhone 4 this will loosen up.