To change the RDP port on Windows Server 2022, update the Windows Registry to change the default Remote Desktop Protocol (RDP) port (3389) to a new port of your choice, then adjust the Windows Firewall rules to permit traffic on the new port. This helps enhance security by moving the service off the port that attackers target by default, but you must also ensure that the new port does not conflict with other services and that you always specify the new port number when connecting via Remote Desktop.
Why Change the Default RDP Port?
Using the default RDP port exposes your server to unnecessary risks. Here are some reasons to consider changing it:
- Prevent Brute-Force Attacks: Cybercriminals frequently target port 3389 with automated tools to guess login credentials.
- Avoid Port Scanning: Port 3389 is often included in port scans by malicious actors.
- Enhanced Security: Changing the port creates an additional layer of obscurity, reducing exposure to attacks.
- Compliance with IT Policies: Some organizations mandate non-standard ports for remote access.
Prerequisites for Changing the RDP Port
Before proceeding, ensure the following:
- Administrative Access: You need administrator privileges on the Windows Server 2022.
- Firewall Access: Ensure you can modify the firewall rules to allow the new port.
- Remote Desktop Enabled: Verify that RDP is already enabled and functioning on your server.
Step-by-Step Guide: How to Change the RDP Port on Windows Server 2022
Step-1: Back Up the Registry
The process involves modifying the Windows Registry, which is sensitive and can cause issues if done incorrectly.
- Press Win + R to open the Run dialog.
- Type regedit and press Enter to open the Registry Editor.
- Navigate to File > Export to create a backup of your current registry settings. Save it in a secure location.
Step-2: Locate the RDP Port Registry Key
- In the Registry Editor, navigate to the following path:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
- Look for the PortNumber entry in the right pane.
Step-3: Modify the Port Number
- Double-click on the PortNumber entry.
- Select Decimal as the base.
- Enter your desired port number (e.g., 50000). Choose a port number that is not commonly used by other applications or protocols.
- Click OK to save changes.
Step-4: Update the Windows Firewall Rules
- Open the Windows Defender Firewall:
- Press Win + S, type Windows Defender Firewall, and select it.
- Click Advanced Settings on the left panel.
- In Inbound Rules, locate the rule for Remote Desktop Protocol:
- Look for rules named Remote Desktop – User Mode (TCP-In) or similar.
- Right-click the rule and select Properties.
- Go to the Protocols and Ports tab.
- Update the Local Port field to the new port number you chose in Step 3.
- Click OK to save changes.
Step-5: Allow the New Port in Your Firewall (Optional)
If no existing rule matches the new port, create a new rule:
- In Advanced Settings, click Inbound Rules and select New Rule.
- Select Port as the rule type and click Next.
- Select TCP and specify the new port number.
- Choose Allow the Connection and click Next.
- Apply the rule to all profiles (Domain, Private, Public) or as per your requirements.
- Name the rule (e.g., “Custom Remote Desktop (RDP) Port”) and click Finish.
Step-6: Restart the Remote Desktop Service
To apply the changes:
- Open the Services console:
- Press Win + R, type services.msc, and press Enter.
- Locate Remote Desktop Services in the list.
- Right-click the service and select Restart.
Step-7: Test the New RDP Port
- Use a Remote Desktop (RDP) client to connect to your server.
- Enter the server’s IP address followed by a colon and the new port number:
[Server-IP]:[New-Port]
For example, 192.168.1.100:50000.
- Verify that you can successfully connect to the server.
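Steps 1 to 7 can also be scripted. The following PowerShell is an added example, not part of the original guide: it backs up the key, checks the port for conflicts, applies the change, and rolls back if no listener appears. The port 50000 and the rule name come from the examples above; the C:\Backup folder and the Domain/Private profile choice are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example. Run from the local or out-of-band console: restarting the
# service drops any RDP session the script is running in.
$NewPort  = 50000                                  # example port from Step 3
$RuleName = 'Custom Remote Desktop (RDP) Port'     # rule name from Step 5
$RegPath  = 'HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$RdpKey   = "Registry::$RegPath"
$Backup   = "C:\Backup\RDP-Tcp-$(Get-Date -Format yyyyMMdd-HHmmss).reg"  # assumed folder

# Refuse an invalid port or one that already has a listener (see Issue-2).
if ($NewPort -lt 1 -or $NewPort -gt 65535) { throw "Port $NewPort is not valid." }
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    throw "Port $NewPort already has a listener; choose another."
}

# Step 1: export only the key being changed; restore later with 'reg import'.
New-Item -ItemType Directory -Path (Split-Path $Backup) -Force | Out-Null
reg.exe export $RegPath $Backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'Registry export failed; nothing was changed.' }

# Steps 2-3: remember the old value, then write the new one as a DWORD.
$OldPort = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $NewPort -Type DWord

# Steps 4-5: open the firewall BEFORE restarting the service to avoid lockout.
# Assumption: the NIC uses the Domain or Private profile (check with
# Get-NetConnectionProfile and adjust -Profile if it does not).
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort $NewPort -Action Allow -Profile Domain,Private | Out-Null
}

# Step 6: restart Remote Desktop Services (service name TermService).
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 5

# Step 7: confirm the listener moved; otherwise restore the previous port.
if (-not (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue)) {
    Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $OldPort -Type DWord
    Restart-Service -Name TermService -Force
    throw "No listener on $NewPort; restored port $OldPort. Backup: $Backup"
}
"RDP is listening on TCP $NewPort (was $OldPort). Backup saved to $Backup"
```

From a client, `Test-NetConnection -ComputerName 192.168.1.100 -Port 50000` confirms the port is reachable before you open a Remote Desktop session.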
Common Issues and Troubleshooting
Issue-1: Unable to Connect After Changing the Port
- Cause: The firewall rule for the new port might not be configured correctly.
- Solution: Double-check the inbound rule in Windows Defender Firewall and ensure the correct port is allowed.
Issue-2: Conflict with Another Application
- Cause: The chosen port might already be in use by another service.
- Solution: Use the netstat -a -n command to identify active ports and select an unused one.
Issue-3: Remote Desktop Service Not Restarting
- Cause: Changes in the registry may not be applied correctly.
- Solution: Verify the registry key and confirm the Remote Desktop Services are restarted.
Additional Security Tips for RDP
Changing the port is just one step in securing RDP. Here are additional tips:
- Enable Network Level Authentication (NLA): This ensures only authenticated users can access Remote Desktop Protocol sessions.
- Use Strong Passwords: Enforce a strong password policy for all accounts.
- Implement Two-Factor Authentication (2FA): Add an extra layer of security by requiring a secondary authentication method.
- Limit Access by IP Address: Restrict RDP access to specific IP ranges in the firewall.
- Monitor and Log RDP Connections: Use logging tools to track who is accessing your server.
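Three of these tips (NLA, IP restriction, and connection monitoring) can be applied from PowerShell. This is an added example, not part of the original guide; it assumes the inbound rule created in Step 5 exists under the name shown, and the address range 192.0.2.0/24 is a placeholder to replace with your own management network.

```powershell
#Requires -RunAsAdministrator
# Added example. Rule name and address range are assumptions (see lead-in).
$RuleName   = 'Custom Remote Desktop (RDP) Port'
$AllowedIPs = '192.0.2.0/24'   # placeholder documentation range
$RdpKey     = 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Enable NLA: UserAuthentication = 1 makes the client authenticate before
# a session is created on the server.
Set-ItemProperty -Path $RdpKey -Name UserAuthentication -Value 1 -Type DWord

# Limit access by IP: only the listed range may reach the custom RDP port.
Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $AllowedIPs

# Monitor: failed logons (Security event 4625) from the last 24 hours,
# grouped by source address. With NLA enabled, failed RDP logons are
# recorded as LogonType 3; without NLA they appear as LogonType 10.
$Since = (Get-Date).AddHours(-24)
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $Since } `
        -ErrorAction SilentlyContinue |
    ForEach-Object {
        $evt  = $_
        $data = @{}
        ([xml]$evt.ToXml()).Event.EventData.Data |
            ForEach-Object { $data[$_.Name] = $_.'#text' }
        [pscustomobject]@{
            Time      = $evt.TimeCreated
            User      = $data['TargetUserName']
            Source    = $data['IpAddress']
            LogonType = $data['LogonType']
        }
    } |
    Where-Object { $_.LogonType -in '3', '10' } |
    Group-Object Source |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 10
```

A source address with a high count after the port change means the new port has been found by scanning, which is the case the IP restriction is there to handle.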
Conclusion
Changing the RDP port on Windows Server 2022 is a straightforward yet effective step to improve your server’s security. By following the steps outlined in this guide, you can reduce the risk of unauthorized access and ensure a more robust remote desktop environment.
Always test changes in a controlled environment and maintain a detailed documentation log for your server configurations. With the default port changed and additional security measures in place, your server will be better equipped to handle modern cybersecurity threats.



