RDP port: change the default value and basic setup steps

Quite often, many users who use remote access sessions have questions about how to change the RDP port. Now let's look at the simplest solutions, and also indicate a few basic steps in the configuration process.

What is the RDP protocol for?

To begin with, a few words about what RDP technology is . If you look at the decoding of the abbreviation, you can understand that this is a remote access protocol (Remote Desktop Protocol).

In simple terms, it is a means of connecting to a remote desktop, terminal server or workstation. Windows settings (and any of the versions of the system) use the default settings that are suitable for most users. The less it sometimes becomes necessary to change them.

Standard RDP port: do I need to change it?

So, regardless of the modification of Windows, all protocols have a preset value. This is the RDP port 3389, which is used for the communication session (connecting one terminal to a remote one).

With what is the situation connected, when the standard value needs to be changed? First of all, only with the security of the local computer. After all, if you understand, with the standard port installed, in principle, any attacker can easily enter the system. So now let's see how to change the default RDP port.

Changing the settings in the system registry

We note at once that the modification procedure is performed exclusively in manual mode, and there is no reset or setting of new parameters in the remote access client itself.

To start, we call the standard registry editor with the regedit command in the "Run" menu (Win + R). Here we are interested in the HKLM branch, in which the partition tree should be descended through the terminal server directory to the RDP-Tcp directory. In the window to the right, we find the PortNumber key. Its something we need to change.

We go into editing and see there 00000D3D. Many are immediately perplexed about what it is. And this is just a hexadecimal representation of the decimal number 3389. To specify the port in the decimal form, we use the corresponding line for displaying the value representation, and then specify the parameter we need.

After that, we overload the system, and when we try to connect we specify a new RDP port. Another way to connect is to use the special mstsc / v command: ip_address: XXXXX, where XXXXX is the new port number. But that's not all.

Windows Firewall Rules

Alas, the built-in Windows Firewall can block a new port. So, you need to make changes to the settings of the firewall itself.

We call the firewall settings with advanced security settings. You should first select the incoming connections and click on the line to create the new rule. Now we select the point for creating the rule for the port, then we enter its value for TCP, then we allow the connection, the profile section is left unchanged and finally we assign the new rule the name, and then press the button for the completion of the configuration. It remains to reboot the server and, when connecting, specify a new RDP port via a colon in the corresponding line. In theory, problems should not be observed.

RDP port on the router

In some cases, when using a wireless connection, rather than a cable connection, it may be necessary to make a port forwarding on the router (router). Nothing complicated in this.

First, in the properties of the system, we allow remote connection to the computer and specify the users authorized to do so. Then go to the settings menu of the router through the browser (192.168.1.1 or at the end of 0.1 - it all depends on the model of the router). In the field (if the main address is 1.1), it is desirable to specify the address starting with the third one (1.3), and the rule for issuing the address should be prescribed for the second (1.2).

Then in the network connections we use the detail view, where you should view the details, copy the physical MAC address from there and insert it into the router parameters.

Now in the NAT settings section on the modem we turn on the connection to the server, add the rule and specify the port XXXXX, which you need to transfer to the standard port RDP 3389. Save the changes and overload the router (without rebooting the new port will not be accepted). You can check the connection on some specialized site like ping.eu in the port testing section. As you can see, everything is simple.

Finally, note that the port values are distributed as follows:

• 0 - 1023 - ports for low-level system programs;
• 1024 - 49151 - Ports allocated for private purposes;
• 49152 - 65535 - dynamic private ports.

In general, many users usually choose RDP ports from the third range of the list to avoid problems. However, experts and experts recommend using these values in the settings, as they are suitable for most of the tasks set.

As for the port forwarding, this procedure is used mainly only in cases of Wi-Fi connection. As you can see, with a normal wired connection it is not required: just change the values of the registry keys and add rules for the port in the firewall.