Many people use Audio in Citrix VAD. It works well, but at times it can be choppy, jittery, and lagging.
I wouldn’t say it’s hard, but Citrix is kind of all over the place with the docs. The Tech Zone does a nice job on the material. One of the reasons I started blogging is that I see all kinds of blogs, but I want to do something different. I want to share my settings and get feedback on your experience. Then update my blog with your professional experience. Of course, with your approval and your credit for the work. This will allow everyone to share different configurations and what works. My intention isn’t to redo blogs or Tech Zone, but to show ALL configurations around a specific topic, like this one. I want more than just links, I want detailed setups from start to finish. So, let’s start.
- Studio default Citrix policies
- So, as you can see, three policies are set by default within Citrix Studio. The reason I am showing this is that I just wanted to ensure to people that no Studio Policies need to be configured.
Another thing I found is that if the Audio is set to medium, the quality is better, and it helps for MICS that use Optimized USB ICA virtual channel.
Once these are set, they are by default. Then you need to tell the Workspace Clients how to use this policy. If these are not set, UDP will not work over audio.
- Enable audio
- Sound quality medium
- Enable Real-Time transport (16500 – 16509)
- Allow Real-Time transport through Gateway
2. Client settings for UDP
Workspace GPO, setting that reflects the bullet points above.
- The next question will be, how does this work for non-domain, BYOD devices?
- For this to take effect, you must update the Default.ica on your storefront servers.
- On the StoreFront machine, open C:\inetpub\wwwroot\Citrix\<Store Name>\App_Data\default.ica with an editor such as notepad ++
- Some people may not like editing the default.ica file. I understand and get it. But after all, that is what really makes up the ICA packet from launching resources. It would be nice for Citrix to add a GUI option, such as in StoreFront for this, some drop down the says "enable UDP for all workspace clients." Checkbox =enable.
- Anyway, let's continue. For me, it’s this…. C:\inetpub\wwwroot\Citrix\MFA\App_Data
Make the entries below under the [Application] section.
* Note* on the configuration above, you will see a dash behind the 1. So it's "1-" Jonathan Pitre reached out to me to ask about the (1-). I contacted Citrix and am finding out if this is a typo. I am glad he did, because it may not be needed. In my testing and into prod, the dash after the 1 still works. (But, it may not be needed.) Also, when you do a StoreFront upgrade, it will wipe out the default.ica file. Good catch Jonathan, Community support.
- Firewall requirements
- The Audio UDP port range specifies the range of port numbers that the Virtual Delivery Agent (VDA) uses to exchange audio packet data with the user device.
- By default, the range is 16500 – 16509
- Base Citrix Layout. I took this from the EDT CTX Article.
- Some people think that these ports need external as well. But in fact, it is from SNIP to the VDA Network. Then it’s wrapped up in the ICA packet.
- I have seen some documentation stating you need these ports open, however that is from the NSG gateway to the VDA backend. This isn’t what they mean.
- This is what it will look like in terms of an ICA packet.
- Internet Firewall: Additional rules must be added to your firewall(s) to allow the following UDP traffic.
- Client/Citrix Receiver > NetScaler Gateway – UDP/443
- NetScaler Gateway > XenDesktop VDA – UDP/16500-16509
Ideally, if you could blow up the ICA packet, and analyze the data inside it, It would look like this:
- NetScaler Settings needed
- Enable the DTLS flag on the NetScaler Gateway Virtual Server.
I didn’t have to do this, but based on my research, people have done this and then it would work.
- Unbind the SSL certificate pair from the NetScaler Gateway Virtual Server.
- (Re)bind the SSL certificate pair to the NetScaler Virtual Server. (Note: when rebinding the SSL certificate I didn’t get any message saying, “No usable ciphers configured on the SSL vServer/service.” This is a known issue and can be ignored). Some say they have, but I didn’t.
- Go to the Gateway settings, then click the desired Gateway and edit
- Go to the Gateway, and Edit the vServer
After this select DTLS (checkbox), under Basic settings. This is right at the top after you are in the Gateway settings.
Now go down to the SSL local and unbind the SSL cert. After you unbind it, go down and press done so the NetScaler will commit the changes.
Go back into the Gateway, and now Bind again. After you bind it, go down and press Done so the NetScaler will commit the changes.
Now at this point, you will see this in the DTLS setting:
As you can see here, once the user starts connecting in, you will see the Client port and XenApp/XenDesktop port show the UDP audio port.
- 2016 Windows Server/Windows 10 1608 LTSC
- VDA 19122016 Windows Server /VDA1909 Windows 10 LTSC
- Logitech h570 headset (Optimized USB support)/ SONY PS3 Mic
- Citrix Workspace 1911
- FSLogix profiles (Just in case anyone asks)
*Update* For XenDesktop 3/7/2020
I needed to show XenDesktop Settings based on a Slack conversation I had. My settings are the same, nothing changed other than I had to enable USB support for this VDA. Even though Citrix is picking it up as optimized. It’s not integrated, and it’s still a USB device. (Which reminds me, I need to update My USB Blog….http://www.citrixirc.com/?p=1070.) Also make sure “Client USB Plug and Play device redirection" is enabled. I didn't need to enable USB support. The reason is because the Mic is optimized within the Virtual channel, and it will show up within the VDA. It will not show up in Device viewer, because it's native pass-through with HDX support. But it will show up in the VDA device manager. The reason I enabled it was just for Generic USB support (Just a catch all for my testing.)
My only headset laying around was my old PS3 Mic. Dang Citrix picked it right up, and optimized it, but restricted it. I must be blocking it.
I am 🙂
I have to restart my session, for the restriction to go away. The sound would go through to the mic.
Then check and see if optimized is right for this mic
Ok, so it’s open now.
Still no Audio through Mic, as I am talking into it here.
Toggle it to Generic.
Windows 10 will install a drive for me. 🙂
Generic it is… (This is also how I test optimized and Generic)
See more here http://www.citrixirc.com/?p=1075
My testing was around XenApp (Virtual Apps) XenDesktop (VD), and this is for Avaya OneX communicator without VDI equinox communicator on the client.
Here are some blogs I picked through to get my information.
- This was on Windows 8 and Citrix Receiver 4.2
As you can see, UDP is far more valuable and is a must. Seems like Citrix nailed this and did a wonderful job from a bandwidth perspective. But is the audio really better?
Some discussions around this.
This article states to use High.
Avaya states UDP and medium.
UDP with the multi-stream set, interesting Article talks about multi-stream and how it can help.
References and data, I collected for this blog.
But as you can see, the data is scattered, and it’s tough to get it all. At least, in my opinion. If you have a different configuration and did something different, please share and with your permission, I’ll update this with the steps outlined for your setup In your environment. I feel that a master blog would benefit everyone.
Update as of May 20th, 2022
I was in a conversation in slack about UDP audio dropping after some time in the Citrix Session with a couple of guys that I think are sharp dudes and provide community help. something that started out small, led to finding a fix. Thanks, Nick Panaccio and Dale Scriven for finding this information.
Like this one.
Citrix Audio Over UDP Dropping Mid Session
Here is a nice write up from Dale Scriven "Citrix Audio Over UDP Dropping Mid Session"
Citrix Audio Over UDP Dropping mid session | (vhorizon.co.uk)
"Create a DWORD value of KeepAliveTimer in the following location HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\Audio and set the value to a number. This number represents the number of seconds between UDP keep-alive pings which will keep the UDP sessions active during the periods of inactivity somewhere. "
"This also means that you need to talk to your network team and confirm what the firewall in between the clients and the endpoints has configured for UDP timeouts and adjust the registry value to be inside of that timeout. So, for instance, if networks say the UDP timeout is 30 seconds on their firewall, the registry value you would set could be.
KeepAliveTimer DWORD 15"
Note: it's a decimal value as well.
An example that Nick provided is tested and working.
I wanted to thank everyone for helping me along these years and giving me the opportunity to be a part of a wonderful community.
I wanted to give a special thanks to Leee Jeffries for pushing me to blog.