I have followed this guide https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-deploy-infrastructure and also tried deploying a template in azure using the following template https://azure.microsoft.com/en-gb/resources/templates/rds-deployment/ to deploy a Remote desktop services 2016 desktop session.
I cannot get it to connect externally it works from a vm within azure but I have a machine externally(not domain joined) I have trusted all the certs and get no untrusted warnings, i can go to the web page click a collection it then: 1) shows the gateway server as the external fqdn the remote computer is the internal fqdn 2) prompts for credentials for connecting to the gateway server(this may be incorrect as i think it should use single on on but not sure) 3) fails with remote access cannot connect to the remote computer for one of these reasons....remote access is disabled....
There is an event in the terminalservices-gateway log as shown below:
The user "vmadmin@ad", on client computer "80.4.54.44:58269", has initiated an outbound connection. This connection may not be authenticated yet.
Ports 443 open(3389 not needed for gateway)
