User Profile
Rinku_Dalwani
MicrosoftJoined 4 years ago
User Widgets
Recent Discussions
TURN relay regional expansion for Azure Virtual Desktop
TURN (Traversal Using Relays around NAT) enables devices behind firewalls to establish reliable UDP connections. With RDP Shortpath for public networks, TURN acts as a fallback when a direct UDP-based connection isn’t possible—ensuring low-latency, high-reliability remote desktop sessions. Starting June 15, 2025, we are launching a dedicated TURN relay IP range across the Microsoft Azure public cloud. This new range—51.5.0.0/16—enhances RDP Shortpath connectivity and delivers faster, more reliable performance for Azure Virtual Desktop and Windows 365 users in 40 regions worldwide. For the full list of supported regions and guidance on how to plan for this change, read the full announcement: Expanded TURN relay regions for Windows 365 and Azure Virtual Desktop1.1KViews0likes0CommentsExpanded TURN relay regions for Windows 365 and Azure Virtual Desktop
Starting June 15, 2025, we are launching a dedicated TURN relay IP range across the Microsoft Azure public cloud. This new range—51.5.0.0/16—enhances RDP Shortpath connectivity and delivers faster, more reliable performance for Azure Virtual Desktop and Windows 365 users in 40 regions worldwide. What is TURN? TURN (Traversal Using Relays around NAT) enables devices behind firewalls to establish reliable UDP connections. With RDP Shortpath for public networks, TURN acts as a fallback when a direct UDP-based connection isn’t possible—ensuring low-latency, high-reliability remote desktop sessions. As part of this transition, connections will gradually move away from the existing ACS TURN Relay range (20.202.0.0/16). This change will occur behind the scenes, but, to ensure uninterrupted service, you will need to proactively bypass the new TURN relay range (51.5.0.0/16). This new TURN relay range is part of the ‘WindowsVirtualDesktop’ service tag in Azure, making it easier for you to manage access and security configurations at scale. Benefits of the new TURN relay This change isn’t just a technical update—it’s a regional expansion. We’re scaling from 14 to 40 regions globally, bringing the TURN relay infrastructure closer to users, reducing latency, and improving connection reliability. Combined with a dedicated IP range for Azure Virtual Desktop and Windows 365 traffic, this initiative offers you more control, optimized routing, and a higher success rate for UDP-based communications. Here are the benefits in more detail: Expanding regional coverage By expanding from 14 to 40 regions globally, organizations will benefit from: Lower latency: Data travels shorter distances, resulting in faster connections and reduced lag. Improved reliability: Fewer dropped connections and more stable sessions, especially for real-time applications. Higher UDP success rates: Better performance for voice, video, and real-time data—even under variable network conditions. Dedicated IP Range for Azure Virtual Desktop and Windows 365 traffic This rollout introduces a dedicated IP range tailored for Azure Virtual Desktop and Windows 365 traffic, distinct from the ACS TURN relay. Benefits of this improvement include: Optimized traffic flow for Azure Virtual Desktop and Windows 365. Improved control over network security configurations. Customers can navigate restrictive security setups without compromising performance. Enhanced quality and speed for traffic, free from generic filtering Supported regions Below is a list of supported regions with the new TURN relay. A TURN relay is selected based on the physical endpoints, not the Cloud PC or session host. For example, a user physically located in the UK will use a relay in the UK South or the UK West regions. If the client is far from a supported region, the connection may fall back to TCP, potentially impacting performance. Australia East Japan East Spain Central Australia Southeast Japan West Sweden Central Brazil South Korea Central Switzerland North Canada Central Korea South Taiwan North Canada East Mexico Central UAE Central Central India North Central US UAE North Central US North Europe UK South East US Norway East UK West East US 2 Poland Central West Central US East US2 EUAP South Africa North West Europe France Central South Africa West West US Germany West Central South Central US West US 2 Israel Central South India West US 3 Italy North Southeast Asia How to prepare for this change This new IP subnet will form a critical part of the resilient and performant connectivity provided for Windows 365 and Azure Virtual Desktop. As part of the ongoing transition, traffic will be progressively redirected from the current Azure Communication Service (ACS) TURN relay range (20.202.0.0/16) to a newly designated subnet (51.5.0.0/16). While this shift is designed to be seamless, it’s essential that you preemptively configure bypass rules for the new range to maintain uninterrupted service. With both IP ranges properly bypassed, end users will not experience any connectivity issues. You therefore need to ensure that traffic is both accessible and optimized. Accessible Your environment should have this subnet accessible from all networks used for Windows 365 or Azure Virtual Desktop connectivity, both on the physical network and cloud side. For Microsoft Hosted Network deployments in Windows 365 this underlying connectivity is already in place. For Azure Virtual Desktop and Windows 365 – Azure network connection ANC deployments, the ‘WindowsVirtualDesktop’ service tag contains this subnet so connectivity may already be in place. Optimized The subnet should also be optimized to ensure this critical, latency sensitive traffic has the most performant path available, this means: No TLS inspection on the traffic. This traffic is TLS encrypted transport with a nested TLS encrypted tunnel. TLS inspection yields no benefit but carries high risk of performance and reliability impact and puts significant additional load on the inspecting device. Locally egressed, meaning traffic is sent to Microsoft via the most direct and efficient path. In Azure this means directly routed onto Microsoft’ backbone and for customer side networks, directly to the internet where it will be picked up by Microsoft’s infrastructure locally. Bypassed from VPN, Proxy and Secure Web Gateway (SWG) tunnels and sent directly to the service as demonstrated in the example here. On the Cloud side this may involve using a User Defined Route (UDR) to send the Windows Virtual Desktop traffic direct to ‘internet’ instead of traversing a virtual firewall as can be seen in the example here. Learn more To learn more about RDP Shortpath and how to configure it for public networks, see our documentation on RDP Shortpath for Azure Virtual Desktop.6KViews1like4CommentsNew Microsoft Teams app generally available on Windows 365
We are happy to announce the general availability of the new Microsoft Teams app on Windows 365. Microsoft Teams is one of the core Microsoft 365 applications used with Windows 365. Users and admins can now experience and enjoy all the benefits of the new Teams app within their Cloud PCs. The new Teams App not only offers the features of the classic Teams app, but offers improved performance, reliability, and security. Moving forward, new features and capabilities as well as enhancements to existing features will be available exclusively in the new Teams app. The classic Teams app will reach end of support on June 30, 2024, after which users will not be able to use classic Teams and will be asked to switch to the new Teams app. Therefore, we recommend that you update to the new Teams today. Note: New Teams for Virtualized Desktop Infrastructure (VDI) in Microsoft 365 Government clouds (GCC, GCC-H, DoD) will be rolled out at a later date. For more information on upgrading to the new Teams App, see Upgrade to new Teams for Virtualized Desktop Infrastructure (VDI) and the Microsoft Teams blog. Set up Microsoft Teams on Windows 365 New to Windows 365? Refer to the Teams on Windows 365 documentation for details on how to set up Microsoft Teams for your Cloud PCs. Set up Microsoft Teams on Azure Virtual Desktop The new Microsoft Teams app is also available for Azure Virtual Desktop. See today’s announcement for more details and refer to the Teams on Azure Virtual Desktop documentation for guidance on setup.2.1KViews0likes2CommentsNew Microsoft Teams app generally available on Azure Virtual Desktop
We are happy to announce the general availability of the new Microsoft Teams app on Azure Virtual Desktop. Microsoft Teams on Azure Virtual Desktop supports chat and collaboration. With media optimizations, it also supports calling and meeting functionality by redirecting it to the local device when using a supported Remote Desktop client. Users and admins can now experience and enjoy all the benefits of the new Teams app on their virtual desktop. The new Teams App has not only matched features of the classic Teams app, but has also improved performance, reliability, and security. Moving forward, new features and capabilities as well as enhancements to existing features will be available exclusively in the new Teams. The classic Teams will reach the end of support on June 30th, 2024, after which users will not be able to use the classic Teams and will be asked to switch to the new Teams app. Therefore, we recommend you update to the new Teams today. Note: New Teams for Virtualized Desktop Infrastructure (VDI) in Microsoft 365 Government clouds (GCC, GCC-H, DoD) will be rolled out at a later date. For more information on upgrading to the new Teams App, see Upgrade to new Teams for Virtualized Desktop Infrastructure (VDI) and the Microsoft Teams blog. Set up Teams on Azure Virtual Desktop New to setting up Microsoft Teams on Azure Virtual Desktop? Refer to the Teams on Azure Virtual Desktop documentation for more details. Using FSLogix for roaming profiles? Be sure to download and test using FSLogix 2210 hotfix 3 Preview (2.9.8716.30241) which provides support for the new Microsoft Teams app. An updated troubleshooting article is also available: Troubleshooting issues with AppX, MSIX or Microsoft store applications. Set up Teams on Windows 365 The new Microsoft Teams app is also available for Windows 365? Refer to the Teams on Windows 365 documentation on how to set up Microsoft Teams for Cloud PCs.4.1KViews0likes0CommentsAnnouncing public preview symmetric NAT support for RDP Shortpath
We are pleased to announce the public preview of symmetric NAT support for RDP Shortpath. This feature is the extension of the GA RDP Shortpath feature that allows us to establish a UDP connection indirectly using relay with the TURN (Traversal Using Relays around NAT) protocol for symmetric NAT. What is TURN? TURN is a popular standard for device-to-device networking that is now available for low latency, high-throughput data transmission with Azure Communication Services. It allows developers to quickly bootstrap to a high-performance, redundant, and globally scaled set of networking services that are often themselves complex and expensive to deploy. These services can power real-time communication between web or mobile applications built with open-source WebRTC clients, even when endpoints are behind NAT or firewalls that may prevent direct peer-to-peer connections. Developers can use the low-level standards-compliant TURN service for raw high-performance data transmission or layer voice or video communication experiences on top of this data channel. How can I use it? The feature is available in validation host pools and enabled for all connections. There is no additional configuration needed to enable the feature. Since outbound connectivity is required between the session hosts and client to function as intended, we recommend allowing outbound UDP connectivity to the Internet. IT Admins can limit the port range used to listen to the incoming UDP flow. The feature is currently available in 14 regions, and we are planning to extend it to other regions in the future. The connection initiated across regions will use UDP established through TURN where available. Otherwise, the connection will revert to the existing mechanism. To learn more about the feature and configuration details, please check out Azure Virtual Desktop RDP Shortpath for public networks. Further reading resources: Understanding Azure Virtual Desktop network connectivity - Azure | Microsoft Learn Conceptual documentation for Azure Communication Services - Network Traversal - An Azure Communicati... Announcing general availability of RDP Shortpath - Microsoft Community Hub2.7KViews2likes0CommentsAnnouncing general availability of RDP Shortpath
We are pleased to announce the general availability of RDP Shortpath for public networks. RDP Shortpath improves the transport reliability of Azure Virtual Desktop connections by establishing a direct UDP data flow between the Remote Desktop client and session hosts. This feature is enabled by default for all customers. We started deploying RDP Shortpath in September and now the feature is 100% rolled out. What is RDP Shortpath for public network? RDP Shortpath lets user sessions directly establish a User Datagram Protocol (UDP) flow between client and session host using the Simple Traversal Underneath NAT (STUN) and Interactive Connectivity Establishment (ICE) protocols. This enhances transport reliability for Azure Virtual Desktop. To ensure a seamless rollout and that most customers receive the improved reliability RDP Shortpath offers without making extra work for the IT admins, we have enabled this feature for all connections by default. Outbound connectivity is required between the session hosts and client to function as intended. Therefore, we recommend allowing outbound UDP connectivity to the Internet. IT Admins can limit the port range used to listen to the incoming UDP flow. For more information about how to configure firewalls for RDP Shortpath, see allow outbound UDP connectivity. To learn more about the feature and configuration, please check out Azure Virtual Desktop RDP Shortpath for public networks.1KViews1like0CommentsRDP Shortpath for public networks in Azure Virtual Desktop
We are pleased to announce that we will start deploying RDP Shortpath for public networks on September 6th. The feature will be delivered to validation host pools before going live in production host pools. RDP Shortpath improves the transport reliability of Azure Virtual Desktop connections by establishing a direct UDP data flow between the Remote Desktop client and session hosts. This feature will be enabled by default for all customers. What is RDP Shortpath for public networks? RDP Shortpath lets user sessions directly establish a User Datagram Protocol (UDP) flow between client and session host using the Simple Traversal Underneath NAT (STUN) and Interactive Connectivity Establishment (ICE) protocols. This will enhance transport reliability for Azure Virtual Desktop. For more information, check out Azure Virtual Desktop RDP Shortpath for public networks. For TCP-based transport, the outbound traffic from Virtual Machine to the RDP client is through Azure Virtual Desktop (AVD Gateway). With RDP Shortpath, the outbound traffic is established directly between session host and RDP client over the internet. This helps reduce a hop and improves latency and end user experience. Due to changes in the data flow for RDP Shortpath, there will be changes in egress network charge billed per subscription according to Azure standard pricing for the internet bandwidth consumed. When will this feature be generally available? We have been previewing this feature with great feedback from our customers and will begin making this generally available September 6th. First, we’ll enable it only in validation host pools, before going live in production host pools. The feature will be enabled for all customers by default. Once it’s available in production host pools, we recommend deleting the preview registry key. Who will get RDP Shortpath for public networks? To ensure a seamless rollout and that most customers receive the improved reliability RDP Shortpath offers without making extra work for the IT admins, we’ll enable this feature for all connections by default. This feature requires outbound connectivity between the session hosts and client to function as intended. Therefore, we recommend allowing outbound UDP connectivity to the Internet. IT Admins can limit the port range used to listen to the incoming UDP flow. For more information about how to configure firewalls for RDP Shortpath, see allow outbound UDP connectivity Symmetric Network Address Translation (NAT) environments, also known as bidirectional NAT environments, don’t support RDP Shortpath. Therefore, IT admins in large organizations that have some users in symmetric NAT while others aren’t, may see that some users won't benefit immediately from this new capability. For network environments that don’t support RDP Shortpath, the Remote Desktop client will fall back to existing paths, such as Transmission Control Protocol (TCP)-based reverse connect transport, and will continue to function as normal. If you’d prefer to keep using TCP-based reverse connect, you can turn this feature off by using one of the following options, which you can configure at any time before or during the feature rollout: Turn off User Datagram Protocol (UDP) support for the following group policy to deactivate the feature in the session host: Run gpedit.msc or open the control panel and search “Edit group policy.” Go to Computer Configuration > Administration Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Host > Connections > Select RDP transport protocols. Select Use TCP only. Disable the following ‘Group Policy’ to turn off the UDP support for a specific client: Run gpedit.msc or open the control panel and search for “Edit group policy. Go to Computer Configuration > Administration Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client. Set the "Turn Off UDP On Client" setting to Enabled. Customers can also turn this feature off using Intune: Follow the instructions in this article to set the Intune policy “ADMX_TerminalServer/TS_SELECT_TRANSPORT” as "Use only TCP.” Sep 7, 2022 – This post was edited after publication to clarify pricing information and timeline.8.1KViews0likes10CommentsRe: RDP Shortpath for public networks in Azure Virtual Desktop
Hi Roger1175 - Until the feature gets completely rolled out, you can have either public or managed shortpath at a time. However, once the feature rolls outs in R1 completely both can co-exist. And that point "found-first" logic will be triggered. This means that whichever connections gets established first will be considered. We will announce when the feature deployment is complete in production host pool.5KViews0likes1Comment
Recent Blog Articles
RDP Multipath is now generally available for Azure Virtual Desktop and Windows 365
This feature enhances reliability by dynamically evaluating multiple network paths to maintain seamless connectivity and reduce disconnections. With a phased, quality-driven rollout underway, IT pros...2.1KViews1like1Comment
