No, neither the ActiveGate itself nor any targets monitored by the HTTP monitors need a OneAgent on them. It sounds like the focus of this question is on installing the ActiveGate as opposed to setting it up for HTTP monitors.
I'd start by checking your security groups and any NACLs to make sure the communications are allowed (all HTTPS):
You can check the logs on your ActiveGate server to see if there is any connections being blocked.
Also worth checking that if you're installing a Cluster ActiveGate you'll need to check on the overview in the CMC and if you're installing an Environment ActiveGate your checking within the environment.