👍👍

Thanks…then, here is a fun comment for you. Thanks for taking the RDP ShortPath with me, Please share the video with others and subscribe and take all the short paths to Azure 😉🤪

Cool...what do you want to see Denny cover?

Thanks Jamie

Thank you for your support Michel!

thanks!

Thanks Shekhar!

Thanks! Please share with others ☺️

Thanks Faddy! Please share it with everyone on social media

Thanks!

Depends on your VPN setup and how your clients connect to it and through it to WVD.

Yes they do. ALMOST all GPOs turn into regkeys on the VM

Lots of things here...WVD doesn’t use traffic manager...Azure Front Door is in front of the WVD PaaS Service, but yes the service geolocation works that way. There are 2 parts to the WVD Service latency 1. Is talking to the WVD gateway and the other is connecting to the session host. With RDP ShortPath you do not connect to the gateway...but the client connects directly to the session host VM...so YES this would be reduced latency. Finally YES WVD can work on Azure Stack o the WVD service...not sure if RDP ShortPath works with Azure Stack.

Not skipping the gateway exactly...but the gateway tells the connection broker to have your client and the session host communicate directly.

The remote Session host

RDP ShortPath is in public preview today. So not production supported but if you have any issues or feedback etc, the product group would love to hear it! My comments about bandwidth were to start you thinking. If you have for example 2000 users on you Azure point to site VPN to a single gateway...is the gateway of a high enough SKU to support the load, or if the users are in a remote office...and they all have dual 4K monitors and want to use GPU powered VMs for CAD work but are on a satellite internet connection... using RDP ShortPath may put more of a bottleneck on those then reverse connect

Thanks again 🙏

anytime!

RDP ShortPath will work over your internal private network including any client vpn that you have and reverse connect will still work over the public internet

RDPShort path is a WVD session host feature that accepts UDP and a direct connection from the client when on a private network. You only need to open ports for UDP is something is blocking it, but in general home connections allow all outbound traffic, so no action needed...normally.

IF you had a NSG it would depend how restrictive it was. If you had a rule that blocked everything except what you explicitly allow the it would not work at all

Sounds like it isn’t set up correctly…take a look at this video for why kzbin.info/www/bejne/oWOplaScftWcjdUsi=X_HmAiOBJYHbh3sV

Did I...oh nice catch...☺️ but I did set it up correctly in the GPO

@@AzureAcademy very true...! Great video, I tried it with a P2S VPN yesterday and it worked well. So easy to configure too...

Awesome, glad I was able to help!

Correct, if they are on your private network they will use RDP ShortPath in that includes your VPN even point to site or client VPN. If they are over the public Internet they will use reverse connect

Thank you so much! I am going to try it tomorrow.

👍👍

I have not...WVD only works over TCP reverse connect and UDP RDP ShortPath.

The gateway isn’t exactly skipped with RDP short path. It’s still necessary to establish a connection for the session host. RDP, short path bypasses the gateway in the session host connection as the last step of the process.

Thanks Zurelia! Great question. Latency and Bandwidth are something to consider, but one of the biggest reasons for RDP ShortPath is to keep all the data of the user session on my private network, and off the public internet, which reverse connect does.

@@AzureAcademy ahh so the connection is going threw my onsite vpn instead of routing via public internet?

correct, RDP Shortpath will take a direct private path to the session hosts if it is availabile...if it isn't then it will fallback on Reverse Connect

If you are at home running on your VPN you are effectively on your corporate network so RDP ShortPath would function if you are at a coffee shop not on a VPN then you would be using reverse connect

If your clients only connect over the Internet directly then no RDP short path will not help you today however, it will help in the future…stay tuned!

You got me there...I would check the monitoring logs for WVD and see what happened.

@@AzureAcademy It took some time (other things got a bit in the way). But after checking everything over 5 times your description in the video and through MS docs (docs.microsoft.com/en-us/azure/virtual-desktop/shortpath) it's still not working. The only thing I could find was using the PowerShell cmd to check the UDP listener (Get-NetUDPEndpoint -OwningProcess ((Get-WmiObject win32_service -Filter "name = 'TermService'").ProcessId) -LocalPort 3390) And the result of that is the following : Get-NetUDPEndpoint : No matching MSFT_NetUDPEndpoint objects found by CIM query for instances of the ROOT/StandardCimv2 /MSFT_NetUDPEndpoint class on the CIM server: SELECT * FROM MSFT_NetUDPEndpoint WHERE ((LocalPort = 3390)) AND ((Owni ngProcess = 1072)). Verify query parameters and retry. At line:1 char:1 + Get-NetUDPEndpoint -OwningProcess ((Get-WmiObject win32_service -Filt ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (MSFT_NetUDPEndpoint:String) [Get-NetUDPEndpoint], CimJobException + FullyQualifiedErrorId : CmdletizationQuery_NotFound,Get-NetUDPEndpoint Just using Get-NetUDPEndpoint results in : LocalAddress LocalPort ------------ --------- :: 65501 ::1 54018 fe80::1002:9bed:267d:ab9f%2 54017 :: 5355 ::1 5353 :: 5353 :: 3389 fe80::1002:9bed:267d:ab9f%2 1900 ::1 1900 :: 123 0.0.0.0 65500 127.0.0.1 63400 127.0.0.1 62069 127.0.0.1 61580 127.0.0.1 61578 127.0.0.1 61394 127.0.0.1 60755 127.0.0.1 54104 127.0.0.1 54020 192.168.10.9 54019 127.0.0.1 52331 127.0.0.1 52138 0.0.0.0 49550 127.0.0.1 49495 192.168.10.9 49246 0.0.0.0 5355 192.168.10.9 5353 0.0.0.0 5353 0.0.0.0 3389 192.168.10.9 1900 127.0.0.1 1900 192.168.10.9 138 192.168.10.9 137 0.0.0.0 123 I'm lost and have given up also knowing it's a preview so maybe later it will be solved. TCP works fine, UDP would be the cherry on the cake.

sorry to hear you have run into so many issues Patrick. Did you try setting the reg key directly or the GPO, Also verify that those settings are present? Also do you have a NSG or firewall that needs to have UDP 3390 open?

Is there a firewall Or a network security group in Azure if so then you have to allow UDP 3390

@@AzureAcademy I did permit UDP port 3390 in VM firewall and same in Azure console. In the end I disabled the firewall completely on VM and I got UDP. Not ideal - but fine for my testing.. Thanks

definitely not ideal. I wonder if there is some other rule set that was blocking * or UDP that was tripping it up?

RDP ShortPath is an enhancement to your connection strategy so reverse connect will work for everyone external and short path works internally

@azureAcademy , how can i reverse that ? I want to use shortpath instead of web browser while connected to the public network

You need to restrict the short path traffic Watch this for more info kzbin.info/www/bejne/oWOplaScftWcjdUsi=EPfmUPGxtSYMDhAs

It will not reverse connect functions independently of RDP ShortPath

RDP ShortPath would give them a “more direct” connection path to WVD. But as for if the VPN has enough bandwidth for your users...that depends on what they are doing and how much bandwidth you have.

@@AzureAcademy Thanks for your reply.

@@AzureAcademy i mean "more direct" connection path equals faster performance when calling on office applications don't it?

I believe so...it certainly won't hurt to try it 😁

no, not exactly. RDP Shortpath is more about connection from the user to the VM, not the user in the session getting to an internet service like Office 365. Remember the Shortpath allows you to bypass the WVD Internet gateway service to the Session Hosts you get to connect directly to them. ..hope this helps.