I have no idea where to really begin.
Server 2012, clusterd RD Virtualization Host (2), single RD web access, gateway, licensing server, connection broker.
Everything internally works great. Everything externally works except logging into the RDweb connection. Redirection to a users desktop will fail. But it will work if I use a VPN, and it will also work if I use an app (iTap). It will not work if I use the RD Wed RDP file, or try to manually configure an RDP file, aside from the administrator account - which it will log directly into the server (which I don't want to do). I'm so mad, I can't find anything in either client or server event viewer. I thought it was a certificate issue, but ruled that out - it works fine.
The only thing I'm concerned with is - on the RDP file advanced properties page the top option where it says if server authentication fails, my canned RDP file from RD web is greyed out at Warn me. I think it's getting stuck there, because on the apps it will ask me and I say warn me once and then connect and everything works. But the windows clients don't get that option. I don't know what to do or where to go.
Someone please help me as this is pretty critical and I'm very annoyed.
Thanks ahead of time.