Thanks for your patience.

I've changed the settings on the connection and security server so that they all point to https://view.domainname.com. I've setup an internal alias so view.domainname.com points to connectionserver.com. I've also set an A record on my public domain and external access now works fine.

I'm getting further trying to access view internally but am still having issues. Now if I type view.domainname.com into the client, I now get as far as being able to put in my username and password, but it then hangs on 'authenticating' and never reaches the pools. However, this works fine externally.

Another weird issue is that if I turn off my pfSense firewall to stop internet access, it all works fine internally. I'm wondering if it's trying to go out externally somehow when trying to use the connection server internally. One other observation is if the security server is offline, I cannot even get as far as entering my credentials in the view client. I'm not sure if this is normal.

I've checked DNS and the CNAME record 'view' resolves to my connection server correctly. Running a ping on the machine with the view client shows it's resolving internally rather thn going out to the internet first.

Hope this makes sense. I feel I'm at the final hurdle now :-). I also created a wildcard cert and added that to the connection and security server, but that seems to be behaving.