Getting VNC to work internally is very different from getting it working remotely I've discovered. It tells me that my commands aren't utter bollocks at least, but of course it doesn't tell me if the approach is correct.
It is now working remotely after a lot of trial and error, but I am not satisfied this is the best way to do it. I do...
ssh -p 22 -L 5900:127.0.0.1:5900 <coreUser>@<externalIP>
ssh - p 22 -L 5900:127.0.0.1:5900 <desktopUser>@<internalIPofDesktop>
...and then I can do the VNC thing, which is great don't get me wrong, but....
How do I combine these two steps and ssh straight into my desktop, without having to type in the core password? If this is the best way of doing it, then fine, but how do people without a clever LMCE system do it i.e. with a normal router?
EDIT: I didn't do anything to the firewall, which makes sense seeing as this is a tunnel.