Microsoft has begun the general availability rollout of redundant TCP transport paths for RDP Multipath in Azure Virtual Desktop. This enhancement moves beyond the UDP-only Multipath architecture introduced last year, extending session resiliency to the estimated 20–30 percent of enterprise networks where UDP traffic is restricted or blocked.

For IT teams managing AVD environments across diverse network conditions — branch offices, VPN-connected users, and highly regulated network segments — this update closes a critical gap in Microsoft’s remote desktop connectivity portfolio. Here is what changed, why it matters, and what organizations should do to prepare.

What Changed: RDP Multipath Goes Beyond UDP

RDP Multipath originally reached general availability in July 2025, using Interactive Connectivity Establishment (ICE) to discover and manage multiple UDP network paths between clients and session hosts. The feature was a significant step forward, enabling automatic failover when the primary network path degraded.

However, the UDP-only architecture left a meaningful blind spot. Many enterprise network environments — particularly those with strict firewall policies, legacy network equipment, or centralized security appliances — block or restrict UDP traffic. In those environments, Multipath could not establish redundant paths, and users remained vulnerable to connection interruptions from single-path TCP failures.

The redundant TCP transport paths addition, first announced in public preview in April 2026 and now entering GA rollout, solves this problem. RDP Multipath can now maintain multiple TCP transport paths alongside UDP paths, and automatically switch between them when network degradation is detected.

Key Technical Details

  • ICE-based path discovery remains the foundation — TCP redundancy reuses the same framework the original UDP Multipath established
  • Multiple active and standby TCP paths can now be maintained in a unified candidate pool
  • Automatic path switching occurs when network degradation is detected on the active path
  • No configuration changes required — the feature is transparent once enabled in your environment
  • Phased, quality-driven rollout — not all host pools will see TCP redundancy simultaneously

Why This Matters for Enterprise IT

The UDP Gap Is Closed

For organizations that invested in RDP Shortpath for UDP-only Multipath but still saw intermittent disconnection issues in restricted network segments, this update directly addresses the root cause. TCP redundancy ensures that even when UDP is blocked or unreliable, users maintain session continuity through redundant TCP paths.

Remote Workers and Branch Offices Benefit Most

The scenarios where Multipath provides the greatest value are also the scenarios where network conditions are least predictable:

  • Home and remote workers — diverse ISP networks, consumer-grade routers, and VPNs that may interfere with UDP
  • Branch offices — MPLS circuits with asymmetric routing, SD-WAN configurations, or limited bandwidth
  • Mobile users — hotel networks, airport Wi-Fi, and cellular hotspots that frequently introduce packet loss or latency

In all of these environments, the combination of UDP and TCP redundancy means a session interruption event becomes significantly less likely.

Support Burden Reduction

Connection stability is consistently one of the top support ticket drivers for AVD deployments. Every session interruption generates a help desk call, a reconnection, lost productivity, and user frustration. By providing automatic failover across both transport protocols, this update directly reduces the frequency of support-triggering events.

What Organizations Should Do

1. Validate RDP Shortpath Implementation

TCP redundancy builds on RDP Shortpath infrastructure. If you haven’t implemented RDP Shortpath, this is the prerequisite. Verify that RDP Shortpath is active and functioning across your host pools using Azure Virtual Desktop Insights.

2. Review Network Architecture

TCP redundancy is most effective when user traffic egresses locally to the internet rather than hair-pinning through centralized firewalls or security appliances. Audit your network egress architecture and identify locations where traffic is being backhauled unnecessarily.

3. Update Client Software

TCP redundancy requires supported Windows client versions. Inventory your endpoints, identify devices running outdated versions of Windows App or the Remote Desktop client, and plan update campaigns. BYOD environments require particular attention — update Windows App from the Microsoft Store or through managed distribution.

4. Conduct Pilot Testing

Once TCP redundancy reaches your host pools, test in a validation or pilot environment first. Simulate network degradation scenarios — temporarily block UDP traffic, introduce packet loss, or degrade throughput — and observe failover behavior. Confirm that sessions remain continuous and that reconnection is seamless.

5. Update Security and Firewall Policies

Ensure that both UDP (STUN and TURN) and TCP (reverse connect) paths are permitted through your security infrastructure. Consider bypassing deep packet inspection and TLS inspection for Multipath traffic, as these inspection mechanisms can add latency and trigger false failovers.

6. Configure Monitoring and Alerting

Set up Azure Virtual Desktop Insights to monitor connection reliability and Multipath behavior. Define baseline KPIs and configure alerts for abnormal interruption patterns. The connection reliability dashboard in Insights will provide visibility into how TCP redundancy is performing in your environment.

What Has NOT Changed

  • UDP Multipath is not going away — it remains the primary transport where UDP is available, with TCP as a complementary fallback
  • RDP Shortpath configuration remains unchanged — no new settings or policies to deploy
  • Non-Windows clients (macOS, iOS, Android, Linux) do not currently support TCP redundancy — this feature is Windows-only at launch
  • Client-side and session host failures remain outside Multipath’s scope — the feature addresses network path failures, not endpoint failures
  • Existing AVD deployments, FSLogix, App Attach, and other services are unaffected

The Bigger Picture

The redundant TCP transport rollout is the latest step in Microsoft’s sustained investment in AVD connectivity reliability. Over the past 18 months, the platform has evolved from single-path TCP connections to a multi-protocol, multi-path architecture:

  • January 2025 — Centralized RDP Shortpath management via Intune/Group Policy (GA)
  • February 2025 — RDP Shortpath over Private Link (GA)
  • July 2025 — RDP Multipath (UDP) GA
  • April 2026 — Redundant TCP paths (Public Preview)
  • May 2026 — Redundant TCP paths (GA rollout begins)

The trajectory is clear: Microsoft is building a connectivity layer that approaches carrier-grade reliability for remote desktop sessions. For organizations evaluating AVD as their primary workforce platform, the case only gets stronger with each release.

This update also signals something broader about Microsoft’s approach to cloud desktop delivery. Where early AVD deployments required careful network engineering to ensure reliability, the platform is increasingly self-healing — automatically detecting degradation, switching paths, and maintaining session continuity without administrator or user intervention.

Need Help Navigating Azure Virtual Desktop Changes? Big Hat Group helps organizations design, deploy, and manage AVD environments — including network optimization, RDP Shortpath configuration, and monitoring. Contact us to assess your readiness for RDP Multipath TCP redundancy or to optimize your existing AVD connectivity.

Big Hat Group is a Microsoft partner specializing in Azure Virtual Desktop, modern endpoint management, and Microsoft 365 deployments.