How to change the default TCP port for Remote Desktop connection
Posted by admin on October 29, 2009
Remote Desktop Protocol (RDP) uses a default TCP port 3389. When you enable a remote desktop connection on your computer, you turn on this port automatically and allow a remote connection to your computer. Everyone in Administrators and Remote Desktop Users groups can connect to your computer remotely.
You can change the default port for Remote Desktop by editing the registry entry. Configuring and setting a new port for Remote Desktop provides a secure remote connection to your computer because only you and people with permission know the new port assignment.
Using Registry editor to change port for Remote Desktop
- Open Registry editor by typing Regedit in the Run command line.
- Expand these registry entries and subentries:
- Select RDP-Tcp and in the right window, scroll down and double-click PortNumber.
- Choose Decimal, double-click to select 3389 in the Value Data: text box, enter a new port number, for example 3391, and then click OK.
You may need to restart the computer to effect the new change.
How to enable Remote Desktop connection
- Open Control Panel and double-click System to open System Properties.
- Choose Remote tab on the System Properties sheet.
- In Remote Desktop section, check “Allow users to remotely connect to this computer” check box.
- Click “Select Remote Users” button to add users that you allow to remotely connect to your computer, and click OK.
How to configure Windows firewall to allow Remote Desktop
When Remote Desktop is enabled, the default port 3389 is added to the exception list of the Windows firewall. Since the new port is configured, a new exception must be created.
- Open Control Panel and double-click Windows Firewall.
- Choose Exceptions tab on the Windows Firewall dialog box.
- Clear “Remote Desktop” check box as this is a default port for Remote Desktop.
- Click “Add Port…” button and in Name: field, enter “Remote Desktop Connection” and in Port number: field; enter the new port that is previously configured in the registry editor, for example 3391. Make sure TCP is selected.
- Click OK.
In the exception list of the Windows Firewall, you should have “Remote Desktop Connection” checked.
When you remotely connect to your computer with an assigned port, you must enter the new port along with the IP address or computer name. For example, if your computer IP is 192.168.12.3, and you configured a new port 3391 for your Remote Desktop; then you must enter 192.168.2.3:3391 in the Remote Desktop connection client.