SOLVED

Azure Virtual Desktop RDP Shortpath

%3CLINGO-SUB%20id%3D%22lingo-sub-2624938%22%20slang%3D%22en-US%22%3EAzure%20Virtual%20Desktop%20RDP%20Shortpath%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2624938%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20team%3C%2FP%3E%3CP%3EIn%20a%20scenario%20where%20remote%20users%20are%20connecting%20directly%20to%20Azure%20Virtual%20Desktop%20from%20their%20home%20(with%20no%20VPN%20to%20corp%20office)%2C%20can%20I%20use%20ShortPath%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20MS%20doc%20states%3A%3C%2FP%3E%3CP%3E%3CEM%3E%22%3C%2FEM%3E%3C%2FP%3E%3CP%3E%3CEM%3ETo%20support%20RDP%20Shortpath%2C%20the%20Azure%20Virtual%20Desktop%20client%20needs%20a%20%3CSTRONG%3Edirect%20line%20of%20sight%3C%2FSTRONG%3E%20to%20the%20session%20host.%20You%20can%20get%20a%20direct%20line%20of%20sight%20by%20using%20one%20of%20the%20following%20technologies%3A%3C%2FEM%3E%3C%2FP%3E%3CUL%3E%3CLI%3E%3CEM%3EThe%20remote%20client%20machines%20must%20be%20running%20either%20Windows%2010%20or%20Windows%207%20and%20have%20the%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fremote%2Fremote-desktop-services%2Fclients%2Fwindowsdesktop%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EWindows%20Desktop%20client%3C%2FA%3E%26nbsp%3Binstalled.%20Currently%2C%20the%20web%20client%20is%20not%20supported.%3C%2FEM%3E%3C%2FLI%3E%3CLI%3E%3CEM%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fexpressroute%2Fexpressroute-circuit-peerings%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EExpressRoute%20private%20peering%3C%2FA%3E%3C%2FEM%3E%3C%2FLI%3E%3CLI%3E%3CEM%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvpn-gateway%2Ftutorial-site-to-site-portal%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESite-to-Site%20VPN%20(IPsec%20based)%3C%2FA%3E%3C%2FEM%3E%3C%2FLI%3E%3CLI%3E%3CEM%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvpn-gateway%2Fvpn-gateway-howto-point-to-site-resource-manager-portal%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EPoint-to-Site%20VPN%20(IPsec%20based)%3C%2FA%3E%3C%2FEM%3E%3C%2FLI%3E%3CLI%3E%3CEM%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-network%2Fvirtual-network-public-ip-address%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EPublic%20IP%20address%20assignment%3C%2FA%3E%3C%2FEM%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CEM%3E%22%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%2C%20home%20users%20connecting%20directly%20to%20AVD%20-%20does%20this%20equal%20a%20'direct%20line%20of%20sight'%20connection%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2625434%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Virtual%20Desktop%20RDP%20Shortpath%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2625434%22%20slang%3D%22en-US%22%3ENo%2C%20it%20doesn't%2C%20users%20connecting%20from%20home%20will%20just%20be%20flowing%20over%20the%20internet%20-%20both%20side%20of%20the%20traffic%20(the%20home%20internet%20to%20the%20Azure%20edge)%20is%20unmanaged%2C%20so%20the%20route%20can't%20be%20optimized.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2625435%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Virtual%20Desktop%20RDP%20Shortpath%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2625435%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F108279%22%20target%3D%22_blank%22%3E%40Luke%20Murray%3C%2FA%3E%26nbsp%3B-%20thats%20great%20thank%20you!%20So%20basically%20Shortpath%20is%20a%20good%20option%20to%20optimise%20traffic%20when%20inside%20a%20corp%20%2F%20private%20network%20and%20this%20can%20prevent%20'hair%20pin'%20type%20traffic%20flow%20I%20guess.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hello team

In a scenario where remote users are connecting directly to Azure Virtual Desktop from their home (with no VPN to corp office), can I use ShortPath? 

 

The MS doc states:

"

To support RDP Shortpath, the Azure Virtual Desktop client needs a direct line of sight to the session host. You can get a direct line of sight by using one of the following technologies:

"

 

So, home users connecting directly to AVD - does this equal a 'direct line of sight' connection?

 

thanks

 

3 Replies
best response confirmed by DarrenP (New Contributor)
Solution
No, it doesn't, users connecting from home will just be flowing over the internet - both side of the traffic (the home internet to the Azure edge) is unmanaged, so the route can't be optimized.

@Luke Murray - thats great thank you! So basically Shortpath is a good option to optimise traffic when inside a corp / private network and this can prevent 'hair pin' type traffic flow I guess.

Yes, as long as the Firewalls aren't blocking UDP port 3390 in your path - which you can control with the Expressroute/VPN connections, without those you can't control the specific paths of the traffic.