Hi,
I'm not sure is this the right forum but our situation is like that:
We want to use Remote Desktop Service and Web Application Proxy pre-authentication. Our WAP servers are in DMZ zone without domain connection and Remote desktop gateway is domain connected in internal network.
Because of RDG authentication WAP servers must be domain connected and that's why ports from DMZ should be opened to internal network. That sounds too risky.
Is there any arguments why this is not too risky? My opinion is that DMZ loses it's purpose when ports must be opened so that WAP servers can be domain connected
~ Jukka ~