Change the RDP port on Windows Server

  • Aad van Esschoten
  • Windows

Changing the port

1. Open regedit by pressing Windows key + r and typing regedit:

image-1660

2. Navigate to the following navigation within your registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

And locate the PortNumber property.

image-1661

3. Right-click PortNumber and click Modify. The following window will open where we will have to make sure the base is set to Decimal. We can continue by changing the Value data to the desired RDP port.

image-1662

When you are done, press ok.

We are finished with the registry editor now. If you have already configured your firewall, you can now reboot the system to apply the changes. If you have not configured your firewall yet, please follow the below steps.

Configuring the Firewall

To allow connection to your machine with this new port we will most likely have to change your firewall settings and add this port as an incoming port.

1. Open the firewall settings by pressing Windows key + r and typing firewall.cpl

image-1663

2. In the firewall window we will navigate to Advanced settings

image-1664

This will open the Windows Firewall with Advanced Security window.

3. Here we will right-click Inbound Rules and then click New Rule to add a new inbound firewall rule.

image-1665

4. This opens a wizard we have to follow, first off we will select the type of rule we would like to create. For our case this is Port and click next.

image-1666

5. We will use the TCP protocol and specify our remote desktop port (in our case we have changed it to 2023), after this click next.

image-1667

6. Select Allow the connection and click next

image-1668

7. Select the profiles where this rule applies and click next

image-1669

8 . Finally, give this rule a descriptive name to make it easier to find later and click finish.

image-1670

If you have not rebooted after changing the port in regedit now, you can now reboot.

Now try if you are able to connect through remote desktop with your system with your new port.

You can verify if you have set the port of your remote desktop command correctly by running the following command in Powershell:

Get-ItemProperty -name "PortNumber" -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

This should give an output like this:

image-1671

Congratulations! You have now successfully changed the port for your remote desktop.

For safety, you should now disable the old firewall rules for port 3389.