I'm looking for some help understanding the networking of an RD farm.
The farm has a connection broker, a session host, a web access server and a gateway server. My understanding (right or wrong?) is that external clients connect via a browser to the WA server over 443. They open apps and the traffic goes back to the client via 443. What I do not understand is where the traffic is from: WA or GW?
I've heard different explanations:
The traffic is proxied back through the WA. So Client -> WA -> GW -> WA -> Client (all over 443)
The WA hands over to the GW. So Client -> WA -> GW -> Client.
The reason for this is so I can get the firewall configured. Do I need to get the FW opened (443) for only WA or both WA and GW?