I might not be following. While yes, it's true that the proxy would have access to both Web1 and Web2, external client 2 would only have access to one intercept and would only be able to send traffic to one of the reverse proxied endpoints. I don't see how that client would be able to access Web1 (assuming external client 2 is allowed to access only Web2).
This is more what I was thinking of...
Here you have a green public Web1 that is proxied through one interface in the proxy that the firewall sends traffic through to. You also have two private Web2/Web3 that are exclusively accessible via the openziti router deployed in private address space. You add two services, one for web 2 and one for web 3, and you instruct the router to host/bind those services.
I think this might end up not working if Web2 and Web3 are hosted by the same machine? You might be able to send something like:
curl -H "host:Web2" https://web3.ziti
and thus be able to trick the proxy but if you put the apps on different ports (same *.domain) I think that would solve that problem?
I'm not sure to be honest. I dunno if I'm even in the ballpark with what you're thinking and if I understand you correctly. I'd probably have to experiment with the actual environment to give a better answer than this though.
dunno if this helps...
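Added example (not from the post above): a constructed model of the proxy's routing decision that shows the Host-header confusion the post describes and the fix it suggests. A proxy that picks the backend from the Host header alone lets a request arriving on the web3 intercept reach Web2; routing by the intercept or port the client actually connected to, and requiring Host to agree with it, refuses that request. Hostnames, ports and backend names are hypothetical.

```python
from dataclasses import dataclass

# Constructed mapping of intercept (address, port) to the backend each one is bound for.
# web2/web3 get their own intercept; Web2/Web3 are also shown on one name, different ports.
LISTENERS = {
    ("web2.ziti", 443): "Web2",
    ("web3.ziti", 443): "Web3",
    ("apps.ziti", 8443): "Web2",
    ("apps.ziti", 9443): "Web3",
}
# Routing table of a proxy that only looks at the Host header (the weak setup).
HOST_ROUTES = {"web2": "Web2", "web3": "Web3"}


@dataclass
class Request:
    intercept: str    # address the client actually connected to
    port: int         # port the client actually connected to
    host_header: str  # Host header the client supplied


def _split_host(host_header: str, default_port: int):
    """Return (name, port) from a Host header; no IPv6 literal handling."""
    name, sep, port = host_header.strip().lower().rpartition(":")
    if not sep:
        return host_header.strip().lower(), default_port
    return name, int(port)


def route_by_host(req: Request):
    """Shared listener: backend chosen from Host alone, ignoring where the client came in."""
    name, _ = _split_host(req.host_header, req.port)
    return HOST_ROUTES.get(name.split(".")[0])


def route_by_listener(req: Request):
    """Backend chosen from the intercept/port the client connected to; Host must match it."""
    backend = LISTENERS.get((req.intercept, req.port))
    if backend is None:
        return None
    name, port = _split_host(req.host_header, req.port)
    if name != req.intercept or port != req.port:
        return None  # Host names a different service or port than the one connected to
    return backend
```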
