AVD / RDP Shortpath with Sonicwall NSv Firewall

I wanted to share my experience in figuring out how to make AVD / RDP Shortpath work with a SonicWall NSv Firewall in front of your Azure environment.  This has drastically reduced end-user disconnects for us.  From our experience deploying these NSv, they come out of the box without any Rules and Policies.   We followed the guidance of the Microsoft doc here:  RDP Shortpath - Azure Virtual Desktop | Microsoft Learn to create the appropriate outbound rules for the MS Servers and were still running into issues.  Ultimately, the resolution was to enable Consistent NAT here:  Configuring Consistent NAT (Network Address Translation) | SonicWall

Doing so helps an NSv Sonicwall meet the requirements of the translated address and port pairs staying the same, rather than without Consistent NAT, the port and possibly the IP address change with every request.

I could not find any articles online regarding this, I suspect this could be helpful for other firewall vendors products as well.  I hope this helps save someone else out there a headache.

3

Comments (1 comment)

Avatar
DStephenson

This is very cool, Chris Wiegman (and welcome to the community🙂)!

Like you mentioned, I could see this spinning off into additional posts (or a single Nerdio Support blog post) with generic "Configure RDP Shortpath in Azure" and then sub-sections on how to configure vendor specific (SonicWall, WatchGuard, Fortinet, etc) firewall settings.

2

Please sign in to leave a comment.