Hello - I am running SharePoint 2016 and I've been task to setup a way to have external access to SharePoint.
Front-End Servers = 2 Servers
Distributed Cache Servers = 2 Servers
Application Servers = 2 Servers
SQL Servers = 1
What I have read is that the best practice is to leave our SharePoint farm entirely within the Intranet and use a reverse proxy in the DMZ, like WAP + ADFS. We’ll need to open far too many ports between SharePoint and Domain Controllers which will reduce the security of the environment. A reverse proxy is a single port -- tcp/443.
I am looking for a step-by-step guide on how I can set this up for SharePoint. I truly appreciate your help!