Correct, the clients will attempt a Peer-to-Peer media session (Remote Desktop is RDP over SRTP).
Once the clients establish a P2P session they will attempt to transmit media over dynamically addressed ports in the range of 1024-65535 UDP/TCP (technically I believe only TCP is required for Desktop Sharing, UDP is used by Audio/Video).
Take a look at the Office Communicator component in this table:
http://technet.microsoft.com/en-us/library/bb870402.aspx
Your best option is probably to limit (minimum of 20 ports) the Media Port Range (via GPO) in the OC client and then open just that range of ports on the firewall between subnets.
Details for that can be found here:
http://technet.microsoft.com/en-us/library/bb964029.aspx
Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS