OK, I'm at wits end.
Set up Remote Desktop Services on 2012 R2 (RD Connection Broker, RD gateway, RD Licensing, RD Session Host, RD We Access all on the same server). Setup a DNS A-record for remote.domain.com to point to a DynDNS account which points to the WAN on my firewall which then is NATed to the RDS server. I know I am getting good connection from a browser from https://remote.domain.com to the RDS server as I confirmed it with "telnet remote.domain.com 443" but I do not get a telnet response on port 3389.
I configured both RD Web Access (for a single application and am currently bound to a self-signed certificate) and gateway and can access everything fine from the inside of the network using "https://rds.internal.domain.com/RDWeb" but when I try to access from the outside using "https://remote.domain.com" I get error 403 Forbidden - "You don't have permission to access / on this server". I really need to get this set up so users can access the server from the outside.
Thank you in advance for your help with this matter!