You could use some kind of SAN (Subject Alternate Name) on the internal certificate to make View happy. As far as your setup it's working for you so that's the main thing. Different people go about it different ways for instance we have dedicated connection brokers for our internal users and dedicated connection broker/security servers for the external users. This way we aren't tunneling any of our internal users.
↧