December 5, 2018

Citrix Receiver - Azure Servers - TCP Resets Client Side

Purpose:

This post explains an issue that occurred to me when trying to establish connections to Citrix VDAs (Server 2016) in Azure. Within our environment we have a VPN tunnel to connect our primary datacenter to our Azure tenant. The VPN tunnel is a very important piece to this puzzle.

Symptom:

Once the VDA is built, they are registering to the Delivery Controllers and apps/desktops are published you are attempt to establish a connection via published app or desktop the client has issues keeping the connection. Specifically once the application/desktop is launched, Citrix receiver/workspace launches and tries to establish a connection and gets stuck at "Connection in progress...."



Reviewing network trace logs through firewalls and wireshark you will notice TCP Resets on the client side.


Resolution:

The easiest option here is to disable Enlightened Data Transport aka HDX Adaptive Transport within the Citrix Studio policies for the delivery group(s) that are hosted on Azure.



Cause:
This article details it best but the primary reason is because of IP fragmentation isn't handled correctly over the VPN tunnel. Disabling EDT addresses this issue.

https://support.citrix.com/article/CTX231821

As of right now I don't have a way to get this to work correctly if you want EDT turned on.


SageLike Post ID: SL0021

Applies to:

Citrix VDA's hosted within Azure that has a VPN tunnel connecting Azure to the on-premise infrastructure.

References:
https://support.citrix.com/article/CTX231821