How to change default RDP (Remote Desktop Connection) port in Windows Server

 

By default, Remote Desktop Connection (RDP) uses port 3389. We can change this default setting for security reasons. Let’s get started:

  1. Log in to your Windows server via Remote Desktop.
  2. Click on Start > Run, type REGEDIT and press Enter. This will open Registry Editor.

3. Locate and click the following registry subkey.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

4. Double-click the PortNumber registry value and select the Decimal base. Type the new port number in the Value data field and click OK to save the changes.

5. Quit Registry Editor.

6. Open this new port in Windows Firewall. Otherwise, Windows Firewall won’t allow you to access your server using the new Remote Desktop port.

Right-click Start and select Run.

Enter wf.msc and press Enter.

Click on Inbound Rules


Click on New Rule and select Port

Specify the new RDP port.

Select Allow the connection and click Next.

Specify a name for the RDP port rule and click Finish.


Method 2

You can also change the RDP port by running the following PowerShell commands. In these commands, we’ll specify the new RDP port as 5930.

To add a new RDP Port to the registry:

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value 5930

 

Then add a firewall rule to open port 5930 on the Public profile using PowerShell:

New-NetFirewallRule -DisplayName 'RDPPORT_TCP' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 5930

 

 

7. Restart the Remote Desktop Services service from PowerShell:

Restart-Service -Force -DisplayName "Remote Desktop Services"

8. Now, when connecting to the server, you will need to use the format IP:Port.
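The whole procedure above as one script, added here as an example and not part of the original article: it checks the port is free, opens the firewall before touching the registry, verifies the listener after the restart, and rolls back to the previous port if RDP does not come up. The `$AllowedFrom` source range is a placeholder assumption, and restricting the rule with `-RemoteAddress` is an addition to the article's command.

```powershell
#Requires -RunAsAdministrator
# Added example. Run from a console or out-of-band session where possible:
# restarting the service disconnects active RDP sessions.
$NewPort     = 5930               # port used in the article
$AllowedFrom = '203.0.113.0/24'   # ASSUMPTION: placeholder admin network, replace with your own
$RdpKey      = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Refuse invalid ports and ports that already have a listener.
if ($NewPort -lt 1025 -or $NewPort -gt 65535) {
    throw "Port $NewPort is outside the range 1025-65535."
}
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    throw "Port $NewPort is already in use by another listener."
}

# 2. Record the current port so the change can be rolled back.
$OldPort = (Get-ItemProperty -Path $RdpKey -Name 'PortNumber').PortNumber
Write-Host "Current RDP port: $OldPort"

# 3. Open the firewall first, limited to the admin source range.
New-NetFirewallRule -DisplayName 'RDPPORT_TCP' -Profile 'Public' -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort $NewPort -RemoteAddress $AllowedFrom | Out-Null

# 4. Write the new port to the registry (PortNumber is a DWORD value).
Set-ItemProperty -Path $RdpKey -Name 'PortNumber' -Value $NewPort -Type DWord

# 5. Restart the service so it binds to the new port.
Restart-Service -Force -DisplayName 'Remote Desktop Services'
Start-Sleep -Seconds 5

# 6. Verify the listener; roll back if RDP did not bind to the new port.
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    Write-Host "RDP is listening on TCP $NewPort. Connect with IP:$NewPort."
} else {
    Write-Warning "No listener on $NewPort. Restoring port $OldPort."
    Set-ItemProperty -Path $RdpKey -Name 'PortNumber' -Value $OldPort -Type DWord
    Restart-Service -Force -DisplayName 'Remote Desktop Services'
}
```

The script leaves the built-in firewall rules for port 3389 untouched; review them once the new port is confirmed working.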