That's the configuration I use. You can run guacamole directly on the target server if you want. I'm reluctant to expose my Windows machines directly to the wild internet, and I don't want to learn how to configure an HTTPS reverse-proxy in Microsoft's ecosystem. Having a dedicated guacamole box is nice because I expose port 80/443 on my Linux Guacamole machine, and then use it to connect to any number of Windows and Linux computers behind my firewall/NAT.

Ok I see, thanks for the explanation.

That seems to be the case. Under "How do I get it?" it says:

> You will need a Linux or UNIX computer to host Guacamole.

I'm guessing that since it's java, you can run guacd on either windows or linux.

Only the web application is Java, guacd is written in C:

http://guac-dev.org/doc/gug/guacamole-architecture.html