Change RDP Port on Windows with 2 Easy Methods – OrcaCore


This guide from OrcaCore explains how to change the RDP port on Windows. The Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft. It facilitates remote connections to other computers, typically operating over TCP port 3389. RDP provides secure network access to a remote user through an encrypted channel. Network administrators use RDP for various tasks, including diagnosing issues, logging into servers, and performing remote actions. End users also use RDP to connect to their organization’s network, enabling access to email and files.

Many networks run firewalls that block incoming and outgoing traffic on the default RDP port, 3389. By changing the RDP port number, administrators can keep RDP reachable where the default port is blocked and reduce exposure to automated attacks that target port 3389. Knowing how to change the RDP port on Windows is a useful skill for any system administrator.

Steps To Change RDP Port on Windows and Windows Server

Now that you understand why the remote desktop port number is changed, let’s examine the methods for modifying it on Windows client and Windows Server systems.

In this guide, we will demonstrate two primary methods for changing the RDP port:

Method 1: Changing RDP Port Number Using Windows Registry

The first approach involves modifying the Windows Registry. To begin, press the Win+R keys simultaneously to open the Run dialog box. Type "Regedit" and press Enter to launch the Registry Editor. Once the Registry Editor is open, navigate to the following path:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Within this key, locate the "PortNumber" entry.

[Image of Port number on registry editor, as in original article]

Right-click on "PortNumber" and select "Modify".

[Image of Modify RDP port number, as in original article]

In the Edit DWORD (32-bit) Value dialog box, select "Decimal" base. Then, enter your desired port number (e.g., 3390) and click "OK".

[Image of Add the new RDP port number, as in original article]

Close the Registry Editor and restart your Windows system for the changes to take effect. After the restart, attempt to connect to the remote computer using the new port number.

Important Note: If your remote system is protected by a firewall, you must configure it to allow connections to the newly assigned port. Refer to our guide on how to open a Port on Windows Firewall for detailed instructions. This is a crucial step after you change the RDP port on Windows.

Method 2: Changing RDP Port Number Using PowerShell

The second method uses PowerShell to modify the RDP port. Start by opening PowerShell as Administrator. To verify the current port in use, execute the following command:

Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"

This command will display the current RDP port number. The default is 3389.

Output
PortNumber   : 3389
PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
               Server\WinStations\RDP-Tcp
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
               Server\WinStations
PSChildName  : RDP-Tcp
PSDrive      : HKLM
PSProvider   : Microsoft.PowerShell.Core\Registry

To change the port to your desired number, execute the following commands, replacing 3390 with your preferred port:

$portvalue = 3390
# Write the new port to the RDP-Tcp listener configuration (takes effect after a restart, as in Method 1)
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue
# Allow inbound TCP and UDP traffic to the new port through Windows Firewall
New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue
New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue

To verify the change, run the Get-ItemProperty command again:

Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"

The output should now reflect the new RDP port number (e.g., 3390).

Output
PortNumber   : 3390
PSPath       : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
               Server\WinStations\RDP-Tcp
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal
               Server\WinStations
PSChildName  : RDP-Tcp
PSDrive      : HKLM
PSProvider   : Microsoft.PowerShell.Core\Registry

You can choose either of these two methods to Change RDP Port on Windows.
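
The following is an added example, not part of the original article: a tightened variant of the Method 2 commands that checks the port before writing it, limits the firewall rules to one source network, and confirms where the listener ended up. The subnet 192.0.2.0/24 and the rule names are placeholders assumed for illustration, and the lower bound of 1025 is a choice made for this example.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell session.
$NewPort    = 3390              # port used in the article's example
$MgmtSubnet = '192.0.2.0/24'    # ASSUMPTION: placeholder for your management network
$RdpKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Refuse a port that is out of range or already has a listener.
#    (Staying above the well-known range is a choice made for this example.)
if ($NewPort -lt 1025 -or $NewPort -gt 65535) { throw "Port $NewPort is outside 1025-65535." }
if (Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue) {
    throw "Another service is already listening on TCP $NewPort."
}

# 2. Record the current value for rollback, then write the new one as a DWORD.
$OldPort = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $NewPort -Type DWord

# 3. Allow the new port only from the management subnet instead of from any address.
foreach ($Protocol in 'TCP', 'UDP') {
    New-NetFirewallRule -DisplayName "RDP-$NewPort-$Protocol-In" -Direction Inbound `
        -Action Allow -Protocol $Protocol -LocalPort $NewPort `
        -RemoteAddress $MgmtSubnet -Profile Any | Out-Null
}

# 4. Restart Remote Desktop Services so the listener moves to the new port.
#    This disconnects active RDP sessions; run it from the console or a scheduled task.
Restart-Service -Name TermService -Force

# 5. Verify: the registry holds the new value, the new port is listening, the old one is not.
$Listeners = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue
[pscustomobject]@{
    OldPort          = $OldPort
    RegistryPort     = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
    NewPortListening = [bool]($Listeners | Where-Object LocalPort -eq $NewPort)
    OldPortListening = [bool]($Listeners | Where-Object LocalPort -eq $OldPort)
}
```

If OldPortListening is still true after the restart, the service did not pick up the new value and the system needs the full restart described in Method 1.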

Alternative Methods to Change RDP Port on Windows

While the registry editor and PowerShell methods are effective, here are two alternative methods to consider:

1. Using Group Policy (For Domain-Joined Machines):

For organizations managing a domain, Group Policy provides a centralized way to manage RDP port settings. This method is particularly useful for applying the change to multiple machines simultaneously.

  • Explanation: Group Policy allows administrators to configure settings that are applied to users and computers within a domain. By configuring the RDP port setting in a Group Policy Object (GPO), you can ensure that all machines within the scope of the GPO use the specified port.

  • Steps:

    1. Open the Group Policy Management Console (GPMC) on a domain controller.
    2. Create a new GPO or edit an existing one that applies to the computers you want to configure.
    3. Navigate to: Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections.
    4. Locate the setting "Select RDP transport protocols." Enable this setting and choose "Use both TCP and UDP."
    5. This doesn’t directly change the port, but enables TCP and UDP which is necessary.
    6. Then, navigate to Computer Configuration > Preferences > Windows Settings > Registry.
    7. Create a new Registry Item with the following settings:

      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key Path: System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
      • Value Name: PortNumber
      • Value Type: REG_DWORD
      • Value Data: (Your desired port number in Decimal format, e.g., 3391)
    8. Link the GPO to the appropriate Organizational Unit (OU) containing the target computers.
    9. Force a Group Policy update on the client machines using gpupdate /force in the command prompt.
  • Benefits: Centralized management, consistent configuration across multiple machines.
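
After the GPO has applied, the registry value can be correct while the RDP listener is still on the old port until Remote Desktop Services or the machine restarts. The function below is an added example, not part of the original article, that reports this per machine; the function name and host names are hypothetical, and it assumes PowerShell remoting (WinRM) is enabled on the targets.

```powershell
# Added example, not from the original article.
# ASSUMPTIONS: WinRM remoting is enabled on the targets; the function name and
# the host names in the usage line are placeholders.
function Get-RdpPortCompliance {
    param(
        [Parameter(Mandatory)][string[]]$ComputerName,
        [Parameter(Mandatory)][int]$ExpectedPort
    )

    # Read the configured port and check for a live listener on each machine.
    $Results = Invoke-Command -ComputerName $ComputerName -ErrorAction SilentlyContinue `
        -ErrorVariable Failed -ScriptBlock {
            $Key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
            $Port = (Get-ItemProperty -Path $Key -Name PortNumber).PortNumber
            [pscustomobject]@{
                RegistryPort = $Port
                Listening    = [bool](Get-NetTCPConnection -State Listen -LocalPort $Port `
                                        -ErrorAction SilentlyContinue)
            }
        }

    foreach ($R in $Results) {
        # Registry correct but nothing listening there: the GPO applied, the restart has not happened.
        $Status = if ($R.RegistryPort -ne $ExpectedPort) { 'WrongPort' }
                  elseif (-not $R.Listening)             { 'RestartPending' }
                  else                                   { 'Compliant' }
        [pscustomobject]@{
            Computer     = $R.PSComputerName
            RegistryPort = $R.RegistryPort
            Status       = $Status
        }
    }

    # Machines that could not be queried are reported rather than silently dropped.
    foreach ($E in $Failed) {
        [pscustomobject]@{ Computer = $E.TargetObject; RegistryPort = $null; Status = 'Unreachable' }
    }
}

# Usage (placeholder host names, port from the GPO example above):
# Get-RdpPortCompliance -ComputerName 'srv01.example.test','srv02.example.test' -ExpectedPort 3391 | Format-Table
```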

2. Using a Third-Party RDP Management Tool:

Several third-party RDP management tools offer a user-friendly interface for managing RDP settings, including the port number.

  • Explanation: These tools often provide a graphical interface that simplifies the process of changing the RDP port. Some tools also offer additional features, such as connection management, security auditing, and reporting.

  • Steps:

    1. Research and select a reputable third-party RDP management tool that meets your needs.
    2. Download and install the tool on your server.
    3. Follow the tool’s documentation to configure the RDP port. Most tools will provide a clear option to change the listening port.
    4. Restart the Remote Desktop Services.
    5. Configure the firewall to allow incoming connections on the new port.
  • Benefits: Simplified management, additional features, and a user-friendly interface.

These alternative methods provide flexibility in managing RDP port settings, depending on your environment and specific requirements.

Conclusion

Changing the RDP port number on Windows enhances security by reducing exposure to automated attacks targeting the default port 3389. It’s a simple yet effective step to help protect remote desktop access from unauthorized connections. Keep it in mind as a way to increase the security of your server.
