We are pleased to announce the general availability of Relayed RDP Shortpath. This enhancement allows UDP connections via relays using the Traversal Using Relays around NAT (TURN) protocol, extending the functionality of RDP Shortpath on public networks for everyone.

What is TURN?

TURN enables indirect connection by relaying traffic through an intermediate server when a direct connection is not possible. TURN is an extension of Simple Traversal Underneath NAT (STUN), with the added benefit of known public IP addresses and ports, which can be managed through firewalls and network devices. The preferred path is RDP Shortpath with STUN, which allows direct UDP connection between the client device and session host.

If firewalls or other network devices block UDP traffic, the connection will continue with a TCP-based reverse connect transport, as shown in this diagram:

A diagram illustrates an endpoint connecting to the internet and using a reverse connect transport to connect via a Azure Virtual Desktop gateway, STUN server, or TURN server to a Cloud PC.

Configuration requirements

To enable RDP Shortpath via TURN, you will need to allow the subnet and port listed in Row 1 of the table below on the Cloud PC/session host side and the physical device side. This range is currently shared with Azure Communication Services. However, Windows 365 and Azure Virtual Desktop will soon transition to the dedicated subnet in Row 2. This subnet is exclusively for Windows 365 and Azure Virtual Desktop use. For Windows 365 and Azure Virtual Desktop users, we recommend configuring both ranges in your network environment now to ensure a seamless transition.

If you would like to wait for the exclusive subnet or disable this feature, you can disable UDP using the guidance in Configure RDP Shortpath for Azure Virtual Desktop. If you block the IP range 20.202.0.0/16 on your network, it may cause disconnects if you are using VPN applications such as Zscaler.

Row

IP subnet

Ports

Use state

Subnet exclusive to Windows 365 and Azure Virtual Desktop?

Subnet use

1

20.202.0.0/16

UDP: 3478

Current (as of September 2024)

No

Windows 365, Azure Virtual Desktop, Azure Communication Services

2

51.5.0.0/16

UDP: 3478

Planned

Yes

Windows 365, Azure Virtual Desktop

Table 1. RDP Shortpath via TURN requirements for both physical device and Cloud PC/session host side.

TURN relay availability

TURN relays are currently available in 14 Azure regions. The selection of the TURN relay is based on the location of the client endpoint. For example, if you are connecting from your home location in the UK to a Cloud PC in the US, you will be using either the UK South or UK West TURN relay.

We are working to expand for global availability. If your physical device connectivity is not near one of the above regions, TURN connectivity might not be successful at this time.

How to configure RDP Shortpath for public networks

Azure Virtual Desktop: For details and configuration guidance, see Azure Virtual Desktop RDP Shortpath for public networks.
Windows 365: For details and configuration guidance, see Windows 365 RDP Shortpath for public networks.

Windows App is now generally available. To learn more, see Windows App now available on all major platforms. We currently support Windows App on the following platforms:

Windows
macOS
iOS and iPadOS
Android (preview)

We support the Remote Desktop app on the following platforms:

Windows, version 1.2.3488 or later
macOS
iOS and iPadOS
Android

How do I know if I’m successfully using TURN?

Once connected to your Cloud PC or session host, you can click on the connectivity icon (4 bars) in the remote desktop window. 

This will display the network details including what type of transport is in use.

Connectivity type

Transport protocol output

Example output

TCP (WebSocket reverse connect)

WebSocket

[Network details]

Transport protocol: WebSocket

Round-trip time:13 ms

Available bandwidth: 9.99 Mpbs

Frame rate: 0 FPS

UDP (RDP Shortpath using STUN)

UDP

[Network details]

Transport protocol: UDP

Round-trip time:10 ms

Available bandwidth: 60.93 Mpbs

Frame rate: 0 FPS

UDP (RDP Shortpath using TURN)

UDP (relay)

[Network details]

Transport protocol: UDP (relay)

Round-trip time:29 ms

Available bandwidth: 88.31 Mpbs

Frame rate: 0 FPS

UDP (RDP Shortpath on private networks)

UDP (private network)

[Network details]

Transport protocol: UDP (private network)

Round-trip time:6 ms

Available bandwidth: Greater than 135 Mpbs

Frame rate: 0 FPS

Table 2: RDP Shortpath Transport and connection output.

For detailed configuration guidance, including prerequisites and default configurations, see Configure RDP Shortpath for Azure Virtual Desktop.

Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

​Microsoft Tech Community – Latest Blogs –Read More