R
Rinku_Dalwani
Editor's note 9.19.2024 – This post has been edited since publication.
We are pleased to announce the general availability of Relayed RDP Shortpath. This enhancement allows UDP connections via relays using the Traversal Using Relays around NAT (TURN) protocol, extending the functionality of RDP Shortpath on public networks for everyone.
TURN enables indirect connection by relaying traffic through an intermediate server when a direct connection is not possible. TURN is an extension of Simple Traversal Underneath NAT (STUN), with the added benefit of known public IP addresses and ports, which can be managed through firewalls and network devices. The preferred path is RDP Shortpath with STUN, which allows direct UDP connection between the client device and session host.
If firewalls or other network devices block UDP traffic, the connection will continue with a TCP-based reverse connect transport, as shown in this diagram:
A diagram illustrates an endpoint connecting to the internet and using a reverse connect transport to connect via a Azure Virtual Desktop gateway, STUN server, or TURN server to a Cloud PC.
To enable RDP Shortpath via TURN, you will need to allow the subnet and port listed in Row 1 of the table below on the Cloud PC/session host side and the physical device side. This range is currently shared with Azure Communication Services. However, Windows 365 and Azure Virtual Desktop will soon transition to the dedicated subnet in Row 2. This subnet is exclusively for Windows 365 and Azure Virtual Desktop use. For Windows 365 and Azure Virtual Desktop users, we recommend configuring both ranges in your network environment now to ensure a seamless transition.
If you would like to wait for the exclusive subnet or disable this feature, you can disable UDP using the guidance in Configure RDP Shortpath for Azure Virtual Desktop.
Table 1. RDP Shortpath via TURN requirements for both physical device and Cloud PC/session host side.
TURN relays are currently available in 14 Azure regions. The selection of the TURN relay is based on the location of the client endpoint. For example, if you are connecting from your home location in the UK to a Cloud PC in the US, you will be using either the UK South or UK West TURN relay.
We are working to expand for global availability. If your physical device connectivity is not near one of the above regions, TURN connectivity might not be successful at this time.
Windows App is now generally available. To learn more, see Windows App now available on all major platforms. We currently support Windows App on the following platforms:
We support the Remote Desktop app on the following platforms:
Once connected to your Cloud PC or session host, you can click on the connectivity icon (4 bars) in the remote desktop window.
This will display the network details including what type of transport is in use.
Table 2: RDP Shortpath Transport and connection output.
For detailed configuration guidance, including prerequisites and default configurations, see Configure RDP Shortpath for Azure Virtual Desktop.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.
Continue reading...
We are pleased to announce the general availability of Relayed RDP Shortpath. This enhancement allows UDP connections via relays using the Traversal Using Relays around NAT (TURN) protocol, extending the functionality of RDP Shortpath on public networks for everyone.
What is TURN?
TURN enables indirect connection by relaying traffic through an intermediate server when a direct connection is not possible. TURN is an extension of Simple Traversal Underneath NAT (STUN), with the added benefit of known public IP addresses and ports, which can be managed through firewalls and network devices. The preferred path is RDP Shortpath with STUN, which allows direct UDP connection between the client device and session host.
If firewalls or other network devices block UDP traffic, the connection will continue with a TCP-based reverse connect transport, as shown in this diagram:
A diagram illustrates an endpoint connecting to the internet and using a reverse connect transport to connect via a Azure Virtual Desktop gateway, STUN server, or TURN server to a Cloud PC.Configuration requirements
To enable RDP Shortpath via TURN, you will need to allow the subnet and port listed in Row 1 of the table below on the Cloud PC/session host side and the physical device side. This range is currently shared with Azure Communication Services. However, Windows 365 and Azure Virtual Desktop will soon transition to the dedicated subnet in Row 2. This subnet is exclusively for Windows 365 and Azure Virtual Desktop use. For Windows 365 and Azure Virtual Desktop users, we recommend configuring both ranges in your network environment now to ensure a seamless transition.
If you would like to wait for the exclusive subnet or disable this feature, you can disable UDP using the guidance in Configure RDP Shortpath for Azure Virtual Desktop.
| Row | IP subnet | Ports | Use state | Subnet exclusive to Windows 365 and Azure Virtual Desktop? | Subnet use |
| 1 | 20.202.0.0/16 | UDP: 3478 | Current (as of September 2024) | No | Windows 365, Azure Virtual Desktop, Azure Communication Services |
| 2 | 51.5.0.0/16 | UDP: 3478 | Planned | Yes | Windows 365, Azure Virtual Desktop |
Table 1. RDP Shortpath via TURN requirements for both physical device and Cloud PC/session host side.
TURN relay availability
TURN relays are currently available in 14 Azure regions. The selection of the TURN relay is based on the location of the client endpoint. For example, if you are connecting from your home location in the UK to a Cloud PC in the US, you will be using either the UK South or UK West TURN relay.
We are working to expand for global availability. If your physical device connectivity is not near one of the above regions, TURN connectivity might not be successful at this time.
How to configure RDP Shortpath for public networks
- Azure Virtual Desktop: For details and configuration guidance, see Azure Virtual Desktop RDP Shortpath for public networks.
- Windows 365: For details and configuration guidance, see Windows 365 RDP Shortpath for public networks.
Windows App is now generally available. To learn more, see Windows App now available on all major platforms. We currently support Windows App on the following platforms:
- Windows
- macOS
- iOS and iPadOS
- Android (preview)
We support the Remote Desktop app on the following platforms:
- Windows, version 1.2.3488 or later
- macOS
- iOS and iPadOS
- Android
How do I know if I’m successfully using TURN?
Once connected to your Cloud PC or session host, you can click on the connectivity icon (4 bars) in the remote desktop window.
This will display the network details including what type of transport is in use.
| Connectivity type | Transport protocol output | Example output |
| TCP (WebSocket reverse connect) | WebSocket | [Network details] Transport protocol: WebSocket Round-trip time:13 ms Available bandwidth: 9.99 Mpbs Frame rate: 0 FPS |
| UDP (RDP Shortpath using STUN) | UDP | [Network details] Transport protocol: UDP Round-trip time:10 ms Available bandwidth: 60.93 Mpbs Frame rate: 0 FPS |
| UDP (RDP Shortpath using TURN) | UDP (relay) | [Network details] Transport protocol: UDP (relay) Round-trip time:29 ms Available bandwidth: 88.31 Mpbs Frame rate: 0 FPS |
| UDP (RDP Shortpath on private networks) | UDP (private network) | [Network details] Transport protocol: UDP (private network) Round-trip time:6 ms Available bandwidth: Greater than 135 Mpbs Frame rate: 0 FPS |
Table 2: RDP Shortpath Transport and connection output.
For detailed configuration guidance, including prerequisites and default configurations, see Configure RDP Shortpath for Azure Virtual Desktop.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.
Continue reading...