Hi,
If the port 443 and 3389 has been opened, no other port need to be opened.
If port has no problem, the issue might related to the certificate and the FQDN in the URL.
Article “Set up the Remote Desktop web client for your users” mentioned below about certificate for webclient:
- The RD Web Access role is configured with a publicly trusted certificate. That means you should not use a self-signed certificate but need to obtain a certificate from a trusted public authority such as GoDaddy, GeoTrust, Digicert, Symantec, GlobalSign, Thawte, etc.
- Your URL uses the FQDN of the server hosting the RD Web role. https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-web-client-admin
Also, blog “Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services” mentioned certificate requirements as below:
- The certificates you deploy need to have a subject name or subject alternate name that matches the name of the server that the user is connecting to.
- The certificate for RDWeb needs to contain the FQDN of the URL, based on the name the users connect to. If you have users connecting externally, this needs to be an external name (needs to match what they connect to).
Thanks,
Eleven
If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.