I have the following situation:

- 2 Windows server 2008 Terminal servers in a Terminal Server Farm
- Server1 is Terminal server, web access server
- Server2 is Terminal server, web access server, license server, connection broker and terminal server gateway

I want users to be able to start remote apps and a remote desktop connections to these servers (load balanced with dns round robin)
I have a cisco firewall which forwards https traffic to server2 (ts gateway server). I installed a self signed certificate for test purposes.

Internally everything works fine, users are able to start remote apps and remote desktop sessions.
Externally I can reach the website, see the applications, but I am not able to authenticate....

Here is what happens:
A users goed to the external website en logs-in. The remote apps are visible. When I click on Excel for example, a dialog box appears, which ask me for my username and password. I entered domain\username with the appropriate password and click OK. 5 seconds later, the same screen comes back. The user won't get authenticated and cannot start his remote app. The same thing happens when the users starts a remote desktop session (to the external link).
The self signed certificate is installed on the server, in the rdp client, the correct name of the terminal server gateway is entered, but the login screen keeps coming up.

In the eventlog I see a couple of warnings, See below
Access to the WMI interface on Remote Desktop Session Host server server.domain.local was denied. Add the Remote App and Desktop Management computer to the TS Web Access Computers security group server.domain.local. Error Code: 0x80070005

This message is very straight, but I already did this...
I did also a check on a lot of forums, which tells me to check the WMI securrity, dcom etc....still no luck, because eveything seems be configured right.

Anyone have an idea what the problem is??