RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (2025)

by Niels Kok

This is my take on RDP Shortpath for WVD. In this blogpost I will discuss the pro’s and cons of using this feature. Furthermore, I will talk about the configuration needed and the architecture involved. You can find the configuration below. I will first talk about the architecture and the pro’s and cons. I will then show how I configured this in my test environment.

Architecture

Firstly, the architecture. This is architecture overview from the Microsoft Docs:

RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (1)

The architecture overview shows that it is now possible to connect to your WVD hostpools directly. You can do this is in a number of ways:

  • Public IP assignment to your sessionhost (not recommended)
  • Via Site to Site VPN
  • Via Point to Site VPN
  • Express Route

In addition, if you don’t use a solution based on the above this could result in worse performance then without RDP ShortPath.

Furthermore, it is worth noting that this is not a solution which creates a private endpoint for your VM’s. You still connect via the public endpoint for WVD in the microsoft cloud. When you log on using the Remote Desktop client detects that, if configured, that there a “ShortPath” available. Then the client switches over to the UDP connection. For example:

RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (2)

In addition, when the “ShortPath” is not available the Remote Desktop client automatically switches back to the public endpoint connection. This is the connection information for a normal connection:

RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (3)

You can see that the same gateway is used when connected via ShortPath and connected via the “normal” connection.

Pro’s & Cons

The pro’s of the solution are:

  • You are now able to fully control the connection to your WVD Sessionhost. Furthermore, you can apply QoS (Quality of Service) to the whole route to your sessionhosts.
  • There is more bandwidth available between the clients and the sessionhosts. This results in faster transfer times when copying files from and to the sessionhosts.
  • UDP is a protocol with less overhead, as a result, this could lead a much smoother experience for the end users.

The con’s of the solution are:

  • All the traffic now routes via the S2S VPN, Express Route or P2S VPN. This could lead to much higher costs. For example: You have Microsoft Teams offloading configured. Which offloads the rendering tasks for Microsoft Teams to the local clients. This takes about 1 Mbit/s of a bandwidth, this does not seem to be much… but if 500 users are doing this at the same time you could be looking at an upgrade for networking solution. This does not even take other applications in to account.
  • The Remote Desktop application decides whether Shortpath is being used or not. You can not control this. The application detects the best route and applies it if it thinks it is better.
  • RDP ShortPath is only available in the Remote Desktop Client.

Configuration

I have configured RDP ShortPath for WVD like this in my own testing environment:

RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (4)

The green connection represents the ShortPath connection and the red connection represents the normal connection via the public endpoint for WVD from Microsoft.

My “WVD Development” sessionhosts have RDP Shortpath configured and the “WVD Test” sessionhosts do not.

Configuring RDP ShortPath for WVD is fairly easy. Only the sessionhosts need to be configured. There is nothing to be done in the Azure Portal. Microsoft has provided scripts to implement this. You need to configure 2 things.

  1. Configure 2 registry keys. These enable UDP to be used for the Remote Desktop connection.
  2. After that you configure the Windows Defender Firewall on the session host to allow the 3390 UDP connection.

This is the script to configure the registry keys:

$WinstationsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations' New-ItemProperty -Path $WinstationsKey -Name 'fUseUdpPortRedirector' -ErrorAction:SilentlyContinue -PropertyType:dword -Value 1 -Force New-ItemProperty -Path $WinstationsKey -Name 'UdpPortNumber' -ErrorAction:SilentlyContinue -PropertyType:dword -Value 3390 -Force

And this is the script Microsoft made available to configure the Windows Defender Firewall:

New-NetFirewallRule -DisplayName 'Remote Desktop - Shortpath (UDP-In)' -Action Allow -Description 'Inbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3390]' -Group '@FirewallAPI.dll,-28752' -Name 'RemoteDesktop-UserMode-In-Shortpath-UDP' -PolicyStore PersistentStore -Profile Domain, Private -Service TermService -Protocol udp -LocalPort 3390 -Program '%SystemRoot%\system32\svchost.exe' -Enabled:True

You can also configure this via Group Policy within Active Directory. I personally would put configuration like this in the WVD image so you don’t get a lot of overhead on the configuration. This is fairly easy to integrate in to your image creation process.

References

Microsoft Doc about RDP ShortPath

More Posts about WVD and Azure DevOps:

Automated Bitlocker Encryption on your Session Hosts via Azure DevOps

OneDrive Machine Install Script

RDP ShortPath for WVD - NielsKok.Tech Azure Virtual Desktop (2025)

FAQs

What is the RDP shortpath for Azure Virtual Desktop? ›

Users can connect to a remote session from Azure Virtual Desktop using the Remote Desktop Protocol (RDP) with a UDP or TCP-based transport. RDP Shortpath establishes a UDP-based transport between a local device Windows App or the Remote Desktop app on supported platforms and session host.

Does Azure Virtual Desktop use RDP? ›

Azure Virtual Desktop uses Remote Desktop Protocol (RDP) to provide remote display and input capabilities over network connections. RDP was initially released with Windows NT 4.0 Terminal Server Edition and was continuously evolving with every Microsoft Windows and Windows Server release.

How to configure RDP in Azure VM? ›

Connect to the virtual machine
  1. Go to the Azure portal to connect to a VM. ...
  2. Select the virtual machine from the list.
  3. At the beginning of the virtual machine page, select Connect.
  4. On the Connect to virtual machine page, select RDP, and then select the appropriate IP address and Port number.

What port does RDP Shortpath use? ›

To use RDP Shortpath for managed networks, you must enable a UDP listener on your session hosts. By default, port 3390 is used, although you can use a different port.

What are the benefits of RDP shortpath? ›

RDP Shortpath benefits

RDP Shortpath enhances the TCP connection by providing an additional direct or relay-based connection between the Remote Desktop client and the Windows 365 Cloud PC using UDP. This improves connection reliability, reduces latency, and increases available bandwidth.

What is the default allow RDP for Azure? ›

The default port for RDP is TCP port 3389. A rule to permit RDP traffic may not be created automatically when you create your VM. If you do not have a rule that allows RDP traffic, create a Network Security Group rule. Allow TCP port 3389.

How to setup WVD in Azure? ›

To deploy Azure Virtual Desktop, you:
  1. Create a host pool.
  2. Create a workspace.
  3. Create an application group.
  4. Create session host virtual machines (VMs).
  5. Enable diagnostic settings (optional).
  6. Assign users or groups to the application group for users to get access to desktops and applications.
Aug 22, 2024

What is RDP virtual desktop? ›

Remote Desktop Protocol (RDP) is a Microsoft protocol that helps app developers simplify the complexities of dealing with the protocol stack.

Is Azure Virtual Desktop a VDI? ›

Azure Virtual Desktop is for organizations with expertise implementing and managing virtual desktop infrastructure (VDI) solutions that want to give employees a secured, remote Windows desktop experience that's fit for many use cases.

How do I set up RDP settings? ›

How to use Remote Desktop
  1. Make sure you have Windows 11 Pro. To check this, select Start , and open Settings . ...
  2. When you're ready, select Start , and open Settings . Then, under System , select Remote Desktop, set Remote Desktop to On, and then select Confirm.
  3. Make note of the name of this PC under PC name.

How do I connect to Azure AD RDP? ›

How to Connect to Remote Azure Active Directory Joined Device?
  1. Click Allow remote access.
  2. Uncheck Allow connections only from computers running Remote Desktop with Network Level Authentication and click OK to save the change.
  3. Create an RDP file that you will use to connect to your Azure AD-joined VM.
Jul 13, 2023

How do I run a remote command on Azure VM? ›

Go to a VM in the Azure portal and select Run command from the left menu, under Operations. You see a list of the available commands to run on the VM. Choose a command to run. Some of the commands might have optional or required input parameters.

What is the default port for Azure RDP? ›

RDP port 3389 is exposed to the Internet. Therefore, we recommend that you use this port only for recommended for testing. For production environments, we recommend that you use a VPN or private connection.

What is the recommended RDP port? ›

Remote Desktop Protocol (RDP) is a Microsoft proprietary protocol that enables remote connections to other computers, typically over TCP port 3389.

Is 3389 a port for RDP? ›

Port 3389 is the default port used to facilitate remote access to Windows computers through the Remote Desktop Protocol (RDP). That allows users to operate a remote desktop or server from anywhere on the globe.

What is 20.202 0.0 16? ›

Range of Azure public cloud IP addresses 20.202. 0.0/16 The range provided above is the range of IP addresses on either Media processor or Azure Communication Services TURN service.

What is RDP file in Azure? ›

The Get VM RDP File activity retrieves the Remote Desktop Protocol configuration file from the specified virtual machine. It's part of the Azure Virtual Machines category activity. The activity publishes all the data from the required and optional properties into published data.

What is the Remote Desktop Protocol RDP connection? ›

RDP Definition

Remote Desktop Protocol (RDP), a secure network communication protocol offered by Microsoft, allows users to execute remote operations on other computers. It facilitates secure information exchange between remotely connected machines over an encrypted communication channel. How secure is Windows RDP?

References

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Duane Harber

Last Updated:

Views: 5781

Rating: 4 / 5 (51 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Duane Harber

Birthday: 1999-10-17

Address: Apt. 404 9899 Magnolia Roads, Port Royceville, ID 78186

Phone: +186911129794335

Job: Human Hospitality Planner

Hobby: Listening to music, Orienteering, Knapping, Dance, Mountain biking, Fishing, Pottery

Introduction: My name is Duane Harber, I am a modern, clever, handsome, fair, agreeable, inexpensive, beautiful person who loves writing and wants to share my knowledge and understanding with you.