Yes. With Unified Access Gateway support access to Horizon from the Internet, everything can be done with just TCP 443.
Other ports are optional. i.e.:
PCoIP on TCP/UDP 4172
Blast on TCP 8443 and UDP 8443
UDP Tunnel on UDP 443
It is normal to allow TCP port 80 as well as TCP port 443. This is just so that Horizon user's don't have to enter https:// http port 80 will redirect to https 443.
Your configuration looks correct. You will need to troubleshoot what is getting blocked. It's likely one of the following.