Forum Discussion

Cato_Fan_2024's avatar
Cato_Fan_2024
Icon for Making Connections rankMaking Connections
4 months ago

Azure Virtual Desktop Session Host Routing

Hi, has anyone ever set up a route table on Azure so that the route to Microsoft Login subnets goes out through Cato?  When we tried doing this, to make sure our AVD users are protected by Cato, user...
Cato_Fan_2024's avatar
Cato_Fan_2024
Icon for Making Connections rankMaking Connections
4 months ago

we tried paring back to only routing the subnets below (Microsoft Login app) and still were unable to connect through the AVD FQDN.  Only the subnets below were being routed through Cato and that was enough to stop authentication in its tracks.  I'm going to try disabling TLS inspection to the Microsoft Login app to see if maybe that's interfering with the Windows 365 client app.

20.190.128.0/18
40.126.0.0/18
20.20.32.0/19
20.231.128.0/19

DikFrik's avatar
DikFrik
Icon for Joining the Conversation rankJoining the Conversation
2 months ago

Were you able to fix the issue? If so, how?

  • Cato_Fan_2024's avatar
    Cato_Fan_2024
    Icon for Making Connections rankMaking Connections
    2 months ago

    Something completely unrelated.  The engineers that set up the AVD environment had deployed the wrong cert for TLS inspection to the AVD hosts.  Sorry that I don't have a better answer.

  • Cato_Fan_2024's avatar
    Cato_Fan_2024
    Icon for Making Connections rankMaking Connections
    31 days ago

    Just in case, also be sure you're bypassing TLS inspection for the "Azure Windows Virtual Desktop" app.