With the UAGs, the web interface goes to the connection server, and then directly to the the desktop if the secure gateways aren't enabled. If the secure gateways are enabled the connections to the desktops are made through the uag and then directly to the virtual desktops. I'm wondering if your vms allow connections directly internal, but they are blocked externally. Check any firewall rules you have setup,check and see if you have the secure gateways enabled, and make sure they aren't enabled on the connection servers themselves.
Look at this guide for a reference if you haven't seen it
https://www.f5.com/pdf/solution-center/load-balancing-vmware-unified-access-gateway-servers-deployme...
