Could the timeouts be because of the restricted NAT?
The timeout is normal. Snowflake proxies contact the broker asking for clients, if no client is around asking for a proxy it will timeout and contact again the broker. This is how webrtc works.
Is it possible to forward some port(s) to workaround this and to avoid the timeouts?
No, the webrtc connection uses unpredictable port numbers. You can not open them ahead of time.
Is it not advisable to share the same public IP address with an obfs4 bridge? I’ve read that all ports on the same IP could get blocked by firewalls such as the GFW which means that both the bridge and the proxy will be blocked if either is detected by the GFW.
Yes, is better to don’t share the same IP, as you say the censors might block everything once they find a bridge.
The [Snowflake Technical Overview] link on What is Snowflake? | Tor Project | Support seems broken?
You are right, it looks like the tls cert of keroserene.net is expired. I’ll see if we can find who can fix that.
For now you can see the website is archived in archive.org:
serene - Snowflake Technical Overview