Hi everyone, hope you are having a good day. For some reason whenever I create a new VDI I get this error message when starting it for the first time. The VDI is onprem, rest of the environment is Citrix Cloud. I am using MCS. Anyhow, if I try a few more times it will start working and the error message will never appear again after that. Anyone has seen this before? the environment is curently in pilot and I wouldn't want to go to prod with this type of error message even if it works when trying a few times.

10054 on the Windows side a TLS/cipher mismatch. Are you possibly setting TLS hardening via GPO and maybe hitting a race condition there?

I have just started seeing this very occasionally in my environment after a server restart. It isn't every server restart, but the first user in a multiuser server OS seems to trigger this sometimes. Or it is every time and users aren't telling me, but I would expect there to be more tickets if it were every single time. We are running server OS and have seen it on 2019 and 2022 with Citrix 2402 CU2. I will be paying a bit more attention to it now.

Check if you cloud connector is properly reachable.. I remember this error having to do with reachability of the CC from the PoPs

There is definitely something going on here as we have 3 different environments now where this is being reported @Rody Kossen or whoever on that side, I have to believe there are internal tickets on this now. @Ray Davis fyi above on all of ours. No hardening or cipher stuff - just run of the mill and there does seem to be something with the little older LTSR (e.g. 2402) VDA for example and newer CWA. But definitely an issue for a combination there. New CR 2503 VDA fixed up on this other one we had. Obviously for LTSR environments, thats not a great solution.

Yep, spot on here. From what I have seen, and this isn't a smoking gun but only from what I gathered so far from reports. VDA 2402CU whatever, and 2411 VDA( older I know) with CWA 2503.2 is when I see it. One customer dropped from 2503.2 to a lower CWA and they were good. But the other customer I don't want using the Older CWA due to extra HDX stuff we need, in that case it seems if we use the 2503 VDA it's okay again. Again, don't read this and start ripping/upgrading stuff. Just test the combo.

Hmm, interesting! If you can get a set of CDF traces (Client & VDA), then we probably can figure out what is going on here. I would definitely recommend opening a support case..

Thank you all, interesting replies. What I did was three things so far, one check the health of the Cloud Connectors. Two, I had configured the new function while installing the VDA, which is to let MCS check listofddc. I went back to using listofddc through GPO/registry. Three, I configured the application launch time policy in Citrix Cloud and the required registry which I'm deploying through GPO( the best would be to hardcode it in the master image so it is deployed immediately/quickly. But don't use WEM to deploy this registry key. So these three things are basically making sure that the VDAs can successfully get listofddc, that the Cloud Connectors are healthy and so that we give the session a little bit of extra time to start. We wait for it for more than 60 seconds(in my case 2 minutes maximum) if required but it the app / desktop launches in 10 seconds, thats fine as well. The reason why we configure the application launch policy is more specifically in scenarios where you restart the VDA or start it up from a shut down state. So far it has been working fine. I would say that the last one, application launch time policy might be doing the trick but the rest is also important. Citrix Cloud is quite new to me but these are important points if you have VDAs onprem and infrastructure in Citrix Cloud. Im running 2402 LTSR on my VDIs.