Let him try the free one first. There's no way that can be easier than getting a Windows Live ID. What's the point of the custom domain name and certificate with Essentials?
Since you figured out how to open port 3389. Opening port 443 shouldn't be much more difficult
.png "ACUF Donor I")
