Horizon BLAST – Windows Filtering Platform

Curious to see if anyone else sees or has seen behavior like this. We are a PCoIP shop beginning to test BLAST after our recent upgrade to UAGs and Horizon 7.8. Looking at our Security Logs, there are dozens of 5152 “The Windows Filtering Platform has blocked a packet” events blocking 22443 and 49152 (UDP) from VM to Client. This ONLY happens over BLAST UDP, not TCP, or PCoIP.

I’ve opened a case with VMware and they are so far stumped and suggested we open a case with Microsoft. I’ve tested this our Production image as well as a completely fresh copy of Windows 10 1803 with only VMware Tools and the Horizon 7.8 Agent installed.

Of note: Audit Filtering Platform Packet Drop (Failure) must be enabled as a Local Security Policy to see these events.

Has anyone seen anything like this? We’re not sure if it’s causing performance issues because we don’t have a “baseline,” so to speak, for BLAST.

View Reddit by TheGreatShabbaView Source


To see the full content, share this page by clicking one of the buttons below

Related Articles

One Comment

  1. something similar happened when i was testing Windows KIOSK mode, when clients were converted into KIOSK mode i could not connect to VM via PCoIP or BLAST, but with RDP i could. After 3 month the ticket is still being processed with microsoft dev team lol. Apparently when entering kiosk mode, the windows only uses basic connection ports thus maybe blocking the connection regarding anything relating VMware (that was their initial responce). Try troubleshooting something similar and try disabling firewalls, try connecting under diffrent circumstances as to where the client resides

Leave a Reply