I am just weighing in here but...
I am an IT consultant for a company in anytown. We have a remote user in othertown and she is remotely connected in two ways. all Internet traffic is going through her ISP and all corporate data is going through the VPN connection (split tunneling)
I am currently having an issue where her email will not go out via the standard SMTP port 25 due to her ISP (comcast) blocking that port for security and spam prevention. while this is a common practice it is inconvenient for her as she has to connect to the vpn to send. I am also having the white screen problem with this remote user. I fail over to a different remote utility that works fine but your post is intriguing.
Here is what works:
- connection with iChat
- while connected audio works
- video works as I can control the mouse on her screen and I can see the cursor move as well.
- chat works as you would expect.
What does not work is the video that is streamed desktop. I believe what is happening is this.
1. connection is made over port 5900
2. audio and video are split into two separate streams audio goes over 5900
3. video is compressed into two separate streams 1 is from my end to the server side computer over 5900 and one is returned over a different port via RTP, RTSP or some other QuickTime technology.
4 while 5900 is apparently open and routed by the ISP the second video stream's port is not and consequently you can use ichat for all other functions.
I am going to discuss with comcast the port 25 thing and I will repost findings but depending on your ISP you may or may not be able to adjust these ports - further all of your custom firewall configuration efforts may in fact be a fool's errand as you will not be able to adjust your ISPs side port routing.
Finally I have read in another post that grayscale or a lower quality may bring back the image and this furthers my point that the high quality stream is compressed QuickTime and likely on a different port than 5900. When you lower the quality the compression is turned off and it likely falls back to port 5900.