How to Change the Default RDP Port in Windows Server 2016

How to Change the Default RDP Port in Windows Server 2016: A Step-by-Step Guide

/ Knowledgebase, Remote Desktop Protocol (RDP)

Remote Desktop Tradition (RDP) is a well-known highlight in Windows Server 2016 that allows clients to remotely interface to the server. By default, RDP businesses harbor 3389, which is well-known and regularly centered on by aggressors. Changing the default RDP harbor is a fundamental in any case compelling way to update the security of your server by making it less defenseless to unauthorized access. In this coordinate, we’ll walk you through the get-ready of how to change the default RDP port in Windows Server 2016.

Why Change the Default RDP Port?

Before diving into the steps, let’s examine why changing the default RDP harbor is important:

  1. Security Overhaul: Changing the default RDP harbor makes it harder for aggressors to discover and abuse the open harbor, reducing the risk of brute-force attacks.
  2. Avoid Harbor Clashes: In a few circumstances, distinctive servers may utilize RDP, and changing the harbor can offer help to evade conflicts.
  3. Compliance Prerequisites: A few organizations have security courses of action that require non-standard ports to be utilized for blocked-off access.

Prerequisites

Before proceeding with the harbor change, ensure that you have the following:

  1. Administrator Get to: You require definitive benefits to modify the registry and firewall settings.
  2. Firewall Setup Data: You should be familiar with orchestrating the Windows Firewall to allow the unused RDP port.
  3. Backup: It’s persistently an awesome sharpen to back up the registry and any other fundamental data a few times as of late making changes.

Step-by-Step Guide How to Change the Default RDP Port in Windows Server 2016

Step 1: Fortification of the Windows Registry

Since changing the RDP harbor requires changing the Windows Registry, it’s essential to back it up to expect any potential issues. Here’s how you can do that:

  1. Press Win + R to open the Run trade box.
  2. Type regedit & press Enter to open the Windows Registry Editor.
  3. In the Registry Editor, select Record from the menu and press Export.
  4. Choose a zone to save the support, permit it a title, and press Save.

Step 2: Discover the RDP-Tcp Key in the Registry

Now that you have a fortification, you can proceed to change the RDP port:

  1. In the Registry Editor, investigate the taking after path:
    arduino  Copy code
HKEY_LOCAL_MACHINESystemCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp
  2. In the RDP-Tcp envelope, see for a key named PortNumber.

Step 3: Alter the RDP Port

To modify the RDP port:

  1. Double-click on the PortNumber key. This will open the Modify DWORD (32-bit) Regard window.
  2. In the window, select the Decimal Choice underneath Base.
  3. The current regard will be 3389 (the default RDP harbor). Modify this to the unused harbor number you require to utilize (e.g., 3390 or any other unused harbor number).
    Important: Ensure the unused harbor number is not as presently utilized by another service.
  4. Click Okay to save the changes.

Step 4: Plan the Windows Firewall to Allow the Cutting edge RDP Port

After changing the harbor in the registry, you are required to organize the Windows Firewall to allow affiliations on the unused port:

  1. Open the Control Board and investigate System and Security > Windows Shield Firewall.
  2. In the cleared-out sheet, press Advanced Settings to open the Windows Defender Firewall with Advanced Security window.
  3. In the Inbound Rules section, see for an existing run that appears named Blocked off Desktop (TCP-In). Right-click on this run the appear and select Properties.
  4. In the Properties window, go to the Traditions and Ports tab.
  5. Change the Adjacent Harbor from 3389 to the unused harbor number you organized in the registry.
  6. Click Okay to apply the changes.

Alternatively, you can make a cutting-edge inbound run that appears for the unused RDP port:

  1. In the Windows Shield Firewall with Advanced Security window, right-click on Inbound Rules and select Unused Rule.
  2. Choose Harbor as the run appears sort and tap Next.
  3. Select TCP and enter the cutting-edge harbor number in the Specific adjacent ports field.
  4. Select Allow the affiliation and tap Next.
  5. Specify when the run that appears applies (Space, Private, Open) and press Next.
  6. Give the run the appear a title (e.g., RDP Custom Harbor) and tap Finish.

Step 5: Restart the More Distant Desktop Service

To apply the changes, you are required to restart the Blocked off Desktop Service:

  1. Open the Organizations window by pressing Win + R, composing services.msc, and crushing Enter.
  2. Scroll down to find the Blocked off Desktop Organizations service.
  3. Right-click on it and select Restart.

This will restart the advantage and apply the advanced harbor configuration.

Step 6: Interface to the Server Utilizing the Unused RDP Port

With the unused RDP harbor outlined, you are required to demonstrate the harbor number when meddle to the server through Blocked off Desktop:

  1. Open the Blocked off Desktop Affiliation client on your adjacent machine.
  2. In the Computer field, enter the server’s IP address or hostname taken after by a colon and the advanced harbor number. For example:
    makefile   Copy code
192.168.1.100:3390
  3. Click Interface to construct the blocked-off desktop session utilizing the unused port.

Step 7: Test the Connection

After making these changes, it’s imperative to test the RDP affiliation to ensure everything is working correctly:

  1. Attempt to interface to the server utilizing the cutting-edge RDP harbor from a blocked-off machine.
  2. If the affiliation is productive, you’ve successfully changed the RDP port.
  3. If you have involved issues, double-check the registry settings, and firewall setup, and that the harbor is not blocked by any exterior firewalls.

Also read: How to Change Public Network to Private in Windows Server 2016

Conclusion

Changing the default RDP port in Windows Server 2016 is a simple yet effective way to enhance security and reduce the likelihood of unauthorized access. By following the steps outlined in this guide, you can easily modify the RDP port, configure the firewall, and connect to your server securely. Always remember to back up the registry before making changes and test your connection thoroughly to ensure everything is functioning as expected. This small adjustment can significantly contribute to the overall security and efficiency of your server environment.

Related Posts

Scroll to Top