Virtual desktop not on same network

• Article
• 11/05/2021
• 3 minutes to read

Azure Virtual Desktop provides the ability to host client sessions on the session hosts running on Azure. Microsoft manages portions of the services on the customer's behalf and provides secure endpoints for connecting clients and session hosts. The diagram below gives a high-level overview of the network connections used by Azure Virtual Desktop

Session connectivity

Azure Virtual Desktop uses Remote Desktop Protocol [RDP] to provide remote display and input capabilities over network connections. RDP was initially released with Windows NT 4.0 Terminal Server Edition and was continuously evolving with every Microsoft Windows and Windows Server release. From the beginning, RDP developed to be independent of its underlying transport stack, and today it supports multiple types of transport.

Reverse connect transport

Azure Virtual Desktop is using reverse connect transport for establishing the remote session and for carrying RDP traffic. Unlike the on-premises Remote Desktop Services deployments, reverse connect transport doesn't use a TCP listener to receive incoming RDP connections. Instead, it is using outbound connectivity to the Azure Virtual Desktop infrastructure over the HTTPS connection.

Session host communication channel

Upon startup of the Azure Virtual Desktop session host, the Remote Desktop Agent Loader service establishes the Azure Virtual Desktop broker's persistent communication channel. This communication channel is layered on top of a secure Transport Layer Security [TLS] connection and serves as a bus for service message exchange between session host and Azure Virtual Desktop infrastructure.

Client connection sequence

Client connection sequence described below:

1. Using supported Azure Virtual Desktop client user subscribes to the Azure Virtual Desktop Workspace
2. Azure Active Directory authenticates the user and returns the token used to enumerate resources available to a user
3. Client passes token to the Azure Virtual Desktop feed subscription service
4. Azure Virtual Desktop feed subscription service validates the token
5. Azure Virtual Desktop feed subscription service passes the list of available desktops and RemoteApps back to the client in the form of digitally signed connection configuration
6. Client stores the connection configuration for each available resource in a set of .rdp files
7. When a user selects the resource to connect, the client uses the associated .rdp file and establishes the secure TLS 1.2 connection to the closest Azure Virtual Desktop gateway instance and passes the connection information
8. Azure Virtual Desktop gateway validates the request and asks the Azure Virtual Desktop broker to orchestrate the connection
9. Azure Virtual Desktop broker identifies the session host and uses the previously established persistent communication channel to initialize the connection
10. Remote Desktop stack initiates the TLS 1.2 connection to the same Azure Virtual Desktop gateway instance as used by the client
11. After both client and session host connected to the gateway, the gateway starts relaying the raw data between both endpoints, this establishes the base reverse connect transport for the RDP
12. After the base transport is set, the client starts the RDP handshake

Connection security

TLS 1.2 is used for all connections initiated from the clients and session hosts to the Azure Virtual Desktop infrastructure components. Azure Virtual Desktop uses the same TLS 1.2 ciphers as Azure Front Door. It's important to make sure both client computers and session hosts can use these ciphers. For reverse connect transport, both client and session host connect to the Azure Virtual Desktop gateway. After establishing the TCP connection, the client or session host validates the Azure Virtual Desktop gateway's certificate. After establishing the base transport, RDP establishes a nested TLS connection between client and session host using the session host's certificates. By default, the certificate used for RDP encryption is self-generated by the OS during the deployment. If desired, customers may deploy centrally managed certificates issued by the enterprise certification authority. For more information about configuring certificates, see Windows Server documentation.

Next steps

The Oculus Quest is a revolutionary self-contained VR headset that lets you walk around in the virtual world without any real-world wires cramping your style. If you want to experience cutting-edge wireless PC VR games on your Quest, however, your only option has been a USB cable and the Oculus Link feature. That’s no longer true, with wireless PC VR offered as a feature of Virtual Desktop for Quest.

Virtual Desktop is an application for the Oculus Quest that allows you to see your PC desktop in a VR environment wirelessly over Wi-Fi. You can have a screen as large as you like, change what your office looks like, and generally use your VR headset as a total replacement for your physical monitor. It’s great for privacy and when you’re traveling with your laptop, it can be more comfortable than doing certain tasks on a small laptop display.

There’s also a version of Virtual Desktop for desktop computers that’s meant for use with an Oculus Rift and other wired VR headsets. This article is only about the Oculus Quest app alone.

What You Need

In order to get your wireless PC VR game working, you’ll need a few key components:

• An Oculus Quest or Oculus Quest 2.
• A VR-ready computer with an ethernet port.
• An ethernet connection between your computer and your router.
• A paid copy of Virtual Desktop from the Oculus Quest store.
• The Virtual Desktop streamer application for Windows.
• A VR game installed on your computer.

Virtual Desktop is also available in beta form for macOS, but this does not support VR games, mainly because VR gaming isn’t supported on macOS at this time.

The Recommended Hardware Setup

Wireless VR using Virtual Desktop on Oculus Quest will work with a wide variety of hardware setups, but some configurations will be less stable and smooth than others. That may not matter as much when it comes to using Virtual Desktop for web browsing, watching movies or productivity. However, when it comes to wireless PC VR games, low latency transmission is essential.

As mentioned in the list of requirements in the previous section, it’s highly recommended that you connect the computer running the game directly to the router using an Ethernet cable. Furthermore, the Quest headset should preferably be connected to the router using a 5Ghz wireless network. You should also be close enough to the router to get a strong unobstructed signal.

Higher-end routers with more powerful CPUs are likely to provide a better experience. Alternatively, you can try keeping other network traffic to a minimum while in virtual reality.

Some users have taken to attaching a dedicated 5Ghz router to their computer via Ethernet so that the entire router is only dedicated to handling VR data traffic. If you happen to have a spare router, this might be worth trying.

Getting Wireless PC VR Games on Virtual Desktop: Step-by-Step

We’re going to assume that you have none of the software installed and configured, starting only with the hardware in place:

1. First, head to the Oculus Quest app store. Then buy and install Virtual Desktop.

1. Install the streamer app and run it.
2. Enter your Oculus Quest user name in the relevant field. Minimize the streamer if you like, but leave it running.

1. Now launch Virtual Desktop on your Quest. It should show that your computer is detected and you can simply connect to it.
2. Now that you’re in Virtual Desktop and can see your computer screen in VR, press and hold the menu on the left controller to bring up the app settings menu. If you’re using hand-tracking, use the menu gesture with your left hand.

1. Switch to the Games tab and a list of detected VR games should appear, select the one you want to play and you’re good to go!

You can also simply launch your VR games from the desktop itself as you usually would. Virtual Desktop should detect that the game is asking for a VR headset and take over via WiFi.

Using Oculus Air Link

Until recently, the only way to get this wireless VR function in Virtual Desktop was to buy the app and then sideload an alternative version that added the function. This isn’t something that everyone is comfortable doing, so it’s great that you can now play wireless PC VR without that hassle.

However, at almost exactly the same time as the feature was rolled into the app-store version of Virtual Desktop, Oculus itself has released an official wireless PC VR function for the Quest 2 called Oculus Air Link.

We’ve written before about the USB-based Oculus Link and this is pretty much the same thing without the wire. Right now, the feature is still in beta and you can only find it under the experimental features section of your Quest settings.

If you have a Quest 2, there’s no harm in trying out Oculus Air link to see if it works better than Virtual Desktop for you. We have a feeling that Oculus will probably have the more polished solution in the end.

If you still have a first-generation Quest, then Virtual Desktop is the only game in town. Unless Oculus does decide to make it work on their older hardware.

Playing Non-VR Games

Hopefully, you’ve now experienced the glory of wireless PC VR for yourself, but don’t forget that you can play non-VR games in Virtual Desktop as well! Regular games can be played on the virtual monitor just as easily as you can do boring office work on it.