This blog post was updated September 2, 2021, to announce general availability.
We are excited to announce that support for HDX Adaptive Transport in Citrix Gateway Service is now available for all customers. With this support, all Citrix Workspace customers using Gateway Service for HDX Proxy will be able to use Enlightened Data Transport (EDT) for a superior end-user experience.
EDT — our UDP-based reliable transport protocol — was introduced to help maintain a high user experience in long-haul connections, which makes it the ideal protocol to provide secure remote access via Gateway Service. To learn more about the latest on EDT, check out our blog post on how Enlightened Data Transport is getting smarter and more robust.
To use EDT with Gateway Service, Rendezvous protocol must be enabled. This will allow the ICA session to bypass the Cloud Connector and go directly from the VDA to the Gateway Service, secured end-to-end with DTLS. To learn more about Rendezvous, take a look at ICA and Gateway Service Rendezvous now available!. For up-to-date requirements, please refer to the documentation.
HDX Adaptive Transport is available to all Gateway Service customers at no additional cost. Customers using Gateway Service for on-premises site aggregation cannot leverage this feature yet.
Prerequisites
Here are the prerequisites for using HDX Adaptive Transport with Gateway Service:
- Virtual Delivery Agent (VDA) 2012 or later.
- CWA Linux 2104 and Android 21.5.0 or later
- Rendezvous protocol enabled and working. Refer to the documentation for details.
- Ports UDP 443 and TCP 443 need to be open (outbound and inbound) between VDA and the Internet. Refer to the Rendezvous documentation for more details.
- Adaptive Transport must be enabled in Citrix policy. See the Adaptive Transport setting documentation for details.
- While EDT is supported on all currently supported Windows versions, Citrix recommends using EDT through Gateway Service only with VDAs running on Windows 10 and Windows Server 2019 due to limitations on other OS versions.
How to Configure
If you have enabled Rendezvous protocol on delivery group and opened up UDP 443 ports from your VDAs to Gateway Service, EDT will start working, as HDX Adaptive Transport enabled by default on delivery group.
Note: If you have enabled Rendezvous Protocol, but don’t want to use EDT or UDP 443 is not opened, we recommend to disable HDX Adaptive Transport on delivery group as it might lead up to 5 secs of additional app launch delay for negotiations to fallback from EDT to TCP Rendezvous protocol.
All Gateway service customers must take advantage of this capability to provide a better user experience. For our on-prem Gateway customers, it’s yet another reason to migrate to cloud service. Detailed documentation can be found here.
Frequently Asked Questions
What happens if EDT negotiation fails?
If EDT negotiation fails for any reason, the session will fall back to TCP with Rendezvous. And if that fails, then the session will fall back to proxying through the Cloud Connectors. CWA Linux 2104 and Android 21.5.0 address any fallback issues from EDT to TCP.
How do you confirm whether EDT is in use with Gateway Service?
To know if your sessions are using EDT, take a look at the following:
- Connection protocol in Citrix Director: https://support.citrix.com/article/CTX220730.
- After you launch an app or a desktop, go to Citrix Workspace app → Connection Center → Properties tab → Transport encryption (DTLS/TLS) to know if the connection is going to TCP or EDT.
- If you launched a desktop, then you could run “ctxsession -v” on command prompt within the session and check the Transport Protocols to determine how the session is established:
- EDT Rendezvous will show “UDP → DTLS → CGP → ICA”
- TCP Rendezvous will show “TCP → SSL → CGP → ICA”
- Non-Rendezvous will show “TCP → CGP → ICA “
For example:
How to disable EDT?
In the CVAD delivery group setting, Disable “HDX Adaptive Transport.”
