please, do not expose your AEM instances directly to the internet, without having secured them according to the security checklist; and the most important aspect being: add a dispatcher in front of it. And in most cases you can safely terminate the HTTPS connection there, and use unencrypted HTTP from dispatcher to AEM; but you can also choose to encrypt this connection.
But in any way, please add a dispatcher!
Regarding the connection: Maybe this connection is blocked somehow via a firewall?