You certainly need to create an explicit hole in Firewall on the client side. If it was not required, firewalls would be totally useless. Isn't that logical?
As to VNC, this is graphical desktop sharing system (
http://en.wikipedia.org/wiki/VNC[
^]). It's totally unclear why interacting with VNC at the level of application program. It looks like a counter-productive idea to me. The adequate solution would be having some help desk service (specialized, or HTTP based, which would not require any manipulations with the firewalls because the hole for HTTP is prepared by default :-)) and client software (specialized, or just the Web browser).
For such a simple thing as a help desk, the Web-based approach looks the most apparent and attractive. And, as you mention C# in your question tags, the most maintainable and natural project would be an ASP.NET application. Look:
http://www.asp.net/get-started[
^] :-).
—SA