Unable to create AVD host Pool

Unable to create any Host Pool

Error

{“code”:”DeploymentFailed”,”message”:”At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.”,”details”:[{“code”:”Conflict”,”message”:”{\r\n \”status\”: \”Failed\”,\r\n \”error\”: {\r\n \”code\”: \”ResourceDeploymentFailure\”,\r\n \”message\”: \”The resource operation completed with terminal provisioning state ‘Failed’.\”,\r\n \”details\”: [\r\n {\r\n \”code\”: \”DeploymentFailed\”,\r\n \”message\”: \”At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.\”,\r\n \”details\”: [\r\n {\r\n \”code\”: \”Conflict\”,\r\n \”message\”: \”{\r\n \\”status\\”: \\”Failed\\”,\r\n \\”error\\”: {\r\n \\”code\\”: \\”ResourceDeploymentFailure\\”,\r\n \\”message\\”: \\”The resource operation completed with terminal provisioning state ‘Failed’.\\”,\r\n \\”details\\”: [\r\n {\r\n \\”code\\”: \\”VMExtensionProvisioningError\\”,\r\n \\”message\\”: \\”VM has reported a failure when processing extension ‘dscextension’. Error message: \\\\”The DSC Extension failed to execute: Error downloading https://wvdportalstorageblob.blob.core.windows.net/galleryartifacts/Configuration_9-11-2020.zip after 29 attempts: Unable to connect to the remote server.\\r\\nMore information about the failure can be found in the logs located under ‘C:\\\\WindowsAzure\\\\Logs\\\\Plugins\\\\Microsoft.Powershell.DSC\\\\2.80.1.0’ on the VM.\\\\”\\r\\n\\r\\nMore information on troubleshooting is available at https://aka.ms/VMExtensionDSCWindowsTroubleshoot \\”\r\n }\r\n ]\r\n }\r\n}\”\r\n },\r\n {\r\n \”code\”: \”Conflict\”,\r\n \”message\”: \”{\r\n \\”status\\”: \\”Failed\\”,\r\n \\”error\\”: {\r\n \\”code\\”: \\”ResourceDeploymentFailure\\”,\r\n \\”message\\”: \\”The resource operation completed with terminal provisioning state ‘Failed’.\\”,\r\n \\”details\\”: [\r\n {\r\n \\”code\\”: \\”VMExtensionProvisioningError\\”,\r\n \\”message\\”: \\”VM has reported a failure when processing extension ‘dscextension’. Error message: \\\\”The DSC Extension failed to execute: Error downloading https://wvdportalstorageblob.blob.core.windows.net/galleryartifacts/Configuration_9-11-2020.zip after 29 attempts: Unable to connect to the remote server.\\r\\nMore information about the failure can be found in the logs located under ‘C:\\\\WindowsAzure\\\\Logs\\\\Plugins\\\\Microsoft.Powershell.DSC\\\\2.80.1.0’ on the VM.\\\\”\\r\\n\\r\\nMore information on troubleshooting is available at https://aka.ms/VMExtensionDSCWindowsTroubleshoot \\”\r\n }\r\n ]\r\n }\r\n}\”\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}”}]}

Root Cause:

Internet access was not allowed on the Host Pool subnet.

Resolution:

Internet connectivity required for WVD VNET as DSC extension need to download from Azure Websites. The DSC extension for Windows requires that the target virtual machine is able to communicate with Azure and the location of the configuration package (.zip file) if it is stored in a location outside of Azure.

Ref: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-windows

Audio Optimization and redirection for Voice based applications inside Citrix

 

Step 1: Only applicable if users are coming via Company managed laptops or Desktop

Audio setting policies for user devices :

1. Load the group policy templates by following below article:                                                       Get started | Citrix Workspace app for Windows
2. In the Group Policy Editor, expand Administrative Templates > Citrix Components > Citrix Workspace > User Experience.
3. For Client audio settings, select Not Configured, Enabled, or Disabled.
• Not Configured. By default, Audio Redirection is enabled using high quality audio or the previously configured custom audio settings.
• Enabled. Enables audio redirection using the selected options.
• Disabled. Disables audio redirection.
4. If you select Enabled, choose a sound quality. For UDP audio, use Medium (default).
5. For UDP audio only, select Enable Real-Time Transport and then set the range of incoming ports to open in the local Windows firewall.
6. To use UDP Audio with Citrix Gateway, select Allow Real-Time Transport Through gateway. Configure Citrix Gateway with DTLS. For more information, see this article.

Or Else follow below steps as per my recommendations:

Step 1: Storefront changes

As an Administrator, if you do not have control on endpoint devices to make these changes, use the default.ica attributes from StoreFront to enable UDP Audio. For example, for bring your own devices or home computers.

1. On the StoreFront machine, open C:\inetpub\wwwroot\Citrix\<Store Name>\App_Data\default.ica with an editor such as notepad.
2. Make the following entries under the [Application] section.

; This text enables Real-Time Transport

EnableRtpAudio=true

; This text allows Real-Time Transport Through gateway

EnableUDPThroughGateway=true

; This text sets audio quality to Medium

AudioBandwidthLimit=1

; UDP Port range

RtpAudioLowestPort=16500

RtpAudioHighestPort=16509

If you enable User Datagram Protocol (UDP) audio by editing default.ica, then UDP audio is enabled for all users who are using that store.

Step 2: Configure Studio Policy:

Note: If users coming from Citrix cloud Gateway service URL, then they can use Rendezvous Protocol however HDX adaptive transport policy should be disabled in such case otherwise we can enable HDX adaptive transport.

Step 3: Ports required:

Source	Destination	Port
Client /User/Any (if users coming via open internet)	NetScaler gateway	TCP 443 and UDP 443
NetScaler Subnet IP	Citrix HSDs/VDI VMs	TCP 1494, TCP 2598, UDP 1494, UDP 2598, UDP 16500-16509

Note: Considering rest all ports are already allowed hence not incorporated the details here

Step 4: Proxy and Antivirus requirement:

Citrix Gateway URL should be SSL bypassed for all users

UDP 443 port should be whitelisted on Antivirus if it is getting blocked

 

Note:

Things which should be considered if users face any issue with connecting to Audio/microphone if above settings were already implemented.

• There is a default UDP traffic idle timeout policy on Firewalls. If user is not using Voice application, then audio channel on firewall drops the packets and which results in issue where user is unable to connect microphone within Citrix
• Admin should create a SOP to those users so that they can logoff their Citrix session from Citrix Workspace connection centre if Microphone is not connecting after they come from break or and when they re-login then their issue would be fixed. Reconnect to disconnected session will not help
•  UDP idle session out policy can be increased at firewall end however it may result in performance issue so its better to check with Firewall support team to involve vendor who can share the correct value.
• Voice users should logoff if they are going for break or we should enable session timeout policy so that session logoffs with 30 minutes if remain idle.