RDP Shortpath Explained: The Key to Faster, More Reliable AVD Sessions

Introduction

If you've ever faced frustrating lag, unstable connections or sluggish performance in Azure Virtual Desktop (AVD), tell me about it! I've been there! Ensuring a seamless user experience is critical, and that's where RDP Shortpath comes in, a game-changing feature designed to improve connection stability and reduce latency.

But how does it work, and why should you care?

Understanding RDP Shortpath can transform the way users interact with AVD. With direct UDP-based connectivity, it bypasses the traditional relay path, leading to faster and more reliable connections.

In this blog post, I will be breaking down:

• What RDP Shortpath is and why it matters
• Key benefits of RDP Shortpath for your AVD environment
• A step-by-step configuration for both session hosts and clients

By the end of this blog post, hopefully, you will have the knowledge and tools to optimise your AVD setup and deliver a noticeably smoother experience for your users.

Let's dive in! 🏊

What is RDP Shortpath?

RDP Shortpath is a powerful feature designed to improve the speed, stability and overall performance of RDP connections in Azure Virtual Desktop. Instead of relying solely on traditional TCP connections, RDP Shortpath leverages UDP to create a more efficient and resilient connection.

Why does this matter? UDP allows for faster data transmission and better handling of network disruptions, significantly reducing latency and improving responsiveness. The result? A smoother, more reliable experience for users; whether they are working remotely, accessing resource-intensive applications or interacting with virtual desktops at scale.

For IT Teams and Managed Service Providers, enabling RDP Shortpath can be a game-changer in ensuring seamless connectivity, minimising disruptions and enhancing productivity across AVD environments.

RDP Shortpath - Key Benefits for your AVD Environment

Enabling RDP Shortpath in your AVD setup can significantly enhance performance, reliability and user experience. Here's how:

Stronger, More Reliable Connections
Traditional TCP connections can be prone to drops, but RDP Shortpath leverages UDP to create a more stable and resilient connections. This means fewer disconnections and a smoother experience for users.

Lower Latency for a More Responsive Experience
Since UDP transmits data faster without the overhead of TCP's error-checking, latency is significantly reduced. This is especially beneficial for real-time interactions and latency-sensitive applications like video conferencing of softphone telephony use.

Higher Throughput & Better Performance
By allowing higher data transfer rates, RDP Shortpath improves the performance of resource-intensive applications, ensuring a seamless workflow for users dealing with large files, graphic-heavy tasks or demanding workloads.

Better Network Resilience
Network disruptions? No problem. UDP handles fluctuations in network quality more efficiently than TCP, reducing interruptions and keeping sessions running smoothly; even in less-than-ideal network conditions.

Enhanced User Experience & Productivity
A faster, more stable connection leads to smoother interactions, reduced frustration and higher productivity. Users can focus on their work without dealing with lag, delays or dropped sessions.

Works Across Both Managed & Public Networks
Whether you're on an internal, private company network or a public internet connection, RDP Shortpath is designed to adapt and optimise performance across different environments. This flexibility makes it a versatile choice for various deployment scenarios.

By implementing RDP Shortpath, your AVD environment becomes faster, more resilient and optimised for a seamless desktop experience, helping both IT teams and end-users.

Getting Ready for RDP Shortpath: Key Pre-requisites

Before enabling RDP Shortpath in your AVD environment, you'll need to ensure your setup meets these key requirements:

Session Host Configuration
To support RDP Shortpath, session hosts must:

• Run a compatible OS - Windows 10 (although you should be using Windows 11 by now - given 10 is EOL in October 2025!).
• Enable RDP Shortpath listener - allowing your session hosts to accept UDP connections.
• Ensure UDP is enabled - allowing your session hosts to leverage UDP for Shortpath.

Client Device Requirements
For client devices to connect using RDP Shortpath, ensure:

• They must support UDP connections - With the Windows App slowly replacing the Remote Desktop Application (blog post on that soon!) - the chosen application must be up to date.
• UDP must be enabled - the client device will actually need UDP enabled, to allow RDP Shortpath connections.

Network Configuration
RDP Shortpath relies on UDP traffic, so ensuring the network is setup correctly is vital:

• Open the necessary ports - UDP typically uses port 3391.
• Host Pool Configuration - The AVD Host Pool should be configured to allow UDP Traffic.

Managed Networks
If you're using a Managed Network like a site-to-site VPN, make sure:

• Direct Connectivity - Line of sight connectivity is required for managed networks between the client and the AVD environment.
• Protocol Configuration - ICE/STUN is properly configured.

Public Networks
For Public internet connections, ensure:

• UDP Outbound Traffic - should be allowed to public IP spaces.
• Server IP Ranges - STUN may need to be configured on UDP port 3478.

How to Enable RDP Shortpath for Session Hosts

Step-by-Step Guide: Enabling RDP Shortpath via Intune

1️⃣ Access Intune and Create a Configuration Profile

• Sign in to the Microsoft Intune admin Center.
• Navigate to Devices > Configuration profiles and select + Create profile.
• Choose Windows 10 and later as the platform.
• Under Profile type, select Settings Catalog.

2️⃣ Configure RDP Shortpath in Administrative Templates

• In the Settings picker, browse to: Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Azure Virtual Desktop.
• Locate Enable RDP Shortpath for managed networks and check the box to enable it.
• Close the settings picker.

3️⃣ Apply the Configuration to Target Devices

• Expand Administrative Templates and toggle the setting to Enabled.
• Click Next to proceed.

4️⃣ Assign the Policy to AVD Session Hosts

• On the Assignments tab, select the device group containing the AVD Session Hosts you want to configure.
• Click Next to continue.

5️⃣ Review and Deploy the Policy

• On the Review + create tab, double-check your settings.
• Click Create to deploy the policy.

6️⃣ Update Firewall Settings and Restart Session Hosts

• Ensure Windows Firewall (or any other firewall in use) allows inbound traffic on the configured port.
  • 👉 Follow Microsoft’s guide to configure firewall rules in Intune.
• Once the policy is applied, restart your session hosts to activate the new settings.

Not using Intune? Here's how to configure it via Group Policy

1️⃣ Add the Azure Virtual Desktop Administrative Template

• Before configuring Group Policy, ensure your Active Directory domain has the necessary Azure Virtual Desktop administrative templates available. You can follow Microsoft’s guide to add them if needed.

2️⃣ Open the Group Policy Management Console

• On a domain-joined device, open the Group Policy Management Console.
• Create a new Group Policy Object (GPO) or edit an existing policy that targets the AVD session hosts you want to configure.

3️⃣ Navigate to the RDP Shortpath Policy Setting

• In the GPO Editor, go to: Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Azure Virtual Desktop.
• Find the policy "Enable RDP Shortpath for managed networks" and double-click it to open the settings.

4️⃣ Enable RDP Shortpath & Configure Port Settings

• Select Enabled to activate RDP Shortpath.
• (Optional) If needed, configure a custom port number for incoming connections. The default port is 3390.
• Click OK to apply the settings.

5️⃣ Update Firewall Rules to Allow UDP Traffic

• Ensure Windows Firewall (or any other firewall) allows inbound traffic on the configured port (default 3390).
  • 👉 Follow this guide to configure firewall rules via Group Policy.

6️⃣ Apply the Policy & Restart Session Hosts

• Ensure the GPO is applied to the session hosts. You can force an update by running the below command.

gpupdate /force

• Restart the session hosts for the new settings to take effect.

Ensuring RDP Shortpath Works on Client Devices

To take full advantage of RDP Shortpath in AVD, client devices must be correctly configured. Windows devices have UDP enabled by default, but it's always worth validating your client devices are setup correctly.

How to Check if UDP is Enabled on Windows Clients

1️⃣ Open PowerShell and Check the Registry

1. Open PowerShell as an administrator.
2. Run the following command to check the UDP setting in the Windows Registry:

$regKey = Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client"

If ($regKey.PSObject.Properties.name -contains "fClientDisableUDP" -eq "True") {
    If (($regKey | Select-Object -ExpandProperty "fClientDisableUDP") -eq 1) {
        Write-Output "The default setting has changed. UDP is disabled."
    } elseif (($regKey | Select-Object -ExpandProperty "fClientDisableUDP") -eq 0) {
        Write-Output "The default setting has changed, but UDP is enabled."
    }
} else {
    Write-Output "The default setting hasn't been changed from its default value. UDP is enabled."
}
        

The output should read similar to: The default setting hasn't been changed from its default value. UDP is enabled.

UDP Not Enabled? Fear not - Intune and Group Policy Settings here:

• For Intune: Navigate to Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client > Turn Off UDP On Client.
• For Group Policy (GPO): Go to Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client > Turn Off UDP On Client.

Set this policy to either "Not Configured" or "Disabled" to ensure UDP remains enabled.

After making the changes, update the policy on all client devices and restart them for the settings to take effect.

Enabling The Host Pool to Support RDP Shortpath

1️⃣ Sign in to the Azure portal at portal.azure.com.
2️⃣ In the search bar, type Azure Virtual Desktop and select the service from the results.
3️⃣ Navigate to Host Pools, then select the Host Pool you want to configure.
4️⃣ Under Settings, select Networking, then click RDP Shortpath.
5️⃣ Adjust the settings for each option using the drop-down menus based on your requirements. By default, each option is set to Enabled.
6️⃣ Click Save to apply the changes.

RDP Shortpath in Action: How to Verify It's Working

It's important to ensure that RDP Shortpath is working before you go live with your testing, and your production environment!

With the Host Pool, Session Hosts and client devices now configured or using default settings, then we should see the UDP protocol used when we check our connection settings.

Validating RDP Shortpath using Remote Desktop

• Once connected to the AVD environment, navigate to the RDP toolbar and select Connection Information.

Next, if RDP Shortpath is being used, then UDP should show as enabled.

Conclusion

RDP Shortpath is a game-changer for AVD, offering faster, more stable, and more efficient connections by leveraging UDP. By properly configuring session hosts, client devices and host pools, you can ensure a seamless AVD experience with minimal latency and improved reliability.

Whether you're an IT admin optimising remote work environments or an MSP supporting clients, enabling RDP Shortpath can significantly enhance user productivity and satisfaction.

Now that you know how to set it up and validate the functionality, it's time to put it into action!

Want some free, no-strings-attached assistance in configuring RDP Shortpath for your environment - let me know!

Let’s Connect

Whether you’re a non-profit looking for some assistance, an IT professional looking for guidance or simply want to discuss an idea - feel free to reach out! 💬 Connect with me on LinkedIn to network, stay updated, discuss a question or to collaborate!

9to5AzureThomas Cowen