In this scenario, the target machine is behind a router or a firewall with Network Address Translation (NAT) enabled. The target system has private IP address and isn't directly accessible over the internet. The attacker can only reach to the public interface of the router/firewall but won't be able to reach to the target system. In this case, the attacker will have to send the victim some kind of payload either through email or messenger and once the victim opens the payload, it will create a reverse connection back to the attacker passing through the router/firewall.