I think you have a general misunderstanding about the difference between a filtering proxy server, (that is stopping you fro mdownloading files with specific extension) and a firewall that stops traffic accessing certin ports.
You connect to the proxy server on a standard port (3128 or 8080 or various others), you could try not using the proxy, if you knew the address fo the gateway.
theres achance however that the gateway is setup to only allow traffic from port 80 (the web port) from a certain IP address (the proxy!).
Most systems are fool proof.
Usually the admin will put holes in so that they can surf for porn/download warez/music or whatever else they stop you doing.
This can be a different port on the proxy.
it could be exception to the firewall rules allowing port 80 connections from admin machines on a fixed IP address.
The most popular proxy used in education (as far as I know) is squid (cause it's free).
this has the ability to have domain password recognition, so unless you know the port the admin connects on, and their password then you don't have much hope of getting out.
Like I said, most systems are fool proof, they are made fool proof by only accepting traffic on certin portsfrom certain addresses.
unless you spoof the IP address of a proxy to connect directly to the firewall (which may not even work if there is a proper DMZ setup) you don't have much hope.
Admitidly most school admins are as thick as two short planks, - that why they have county approved companies that install systems for them.