Windows 8/10/2008/2012 - Non-Standard Listening Port for RDP

posted Jul 18, 2013, 9:23 AM by Andrew Chadick   [ updated May 17, 2016, 7:05 PM ]
To change the port that Remote Desktop listens on, follow these steps. 

Important: Serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully.
  1. Start Registry Editor.
  2. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
  3. On the Edit menu, click Modify, and then click Decimal.
  4. Type the new port number, and then click OK.
  5. Quit Registry Editor.        
  6. Modify Firewall Rules:
    Computer\HKeyLocalMachine\System\CurrentControlSet001\Services\SharedAccess\Defaults\Firewall Policy\Firewall Rules\
    In the right-hand pane, find RemoteDesktop-In-TCP. Right-click it, click Modify, look for port number 3389 on that line, and replace it with your preferred non-standard port.
  7. Restart the computer.
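
The steps above as a script, added here as an example and not part of the original post. It assumes an elevated PowerShell session on Windows 8 / Server 2012 or later, and it adds a new inbound firewall rule for the chosen port instead of editing the built-in rule in the registry as step 6 does. The port 53389, the rule name and the `AllowedSource` parameter are placeholders chosen for illustration.

```powershell
# Added example (not from the original post). Run elevated.
param(
    [ValidateRange(1024, 65535)]
    [int]$NewPort = 53389,               # placeholder port, pick your own
    [string[]]$AllowedSource = 'Any'     # narrow to known client addresses where possible
)

$rdpKey = 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Refuse a port that some other process is already listening on.
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    throw "Port $NewPort is already in use; choose another."
}

# Steps 1-5: record the current value, then write the new one as a DWORD.
$oldPort = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
Set-ItemProperty -Path $rdpKey -Name PortNumber -Value $NewPort -Type DWord

# Step 6 (alternative): allow the new port inbound with a dedicated rule.
$ruleName = "RDP-Custom-TCP-$NewPort"    # placeholder rule name
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort $NewPort -RemoteAddress $AllowedSource -Action Allow | Out-Null
}

# Read the value back so a failed write is caught before the restart.
$written = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
if ($written -ne $NewPort) {
    throw "PortNumber is $written, expected $NewPort."
}
Write-Output "RDP PortNumber changed from $oldPort to $NewPort; firewall rule '$ruleName' is in place."

# Step 7: the listener moves only after a restart. Restart when ready:
#   Restart-Computer
# After the restart, confirm the listener from the console:
#   Get-NetTCPConnection -LocalPort 53389 -State Listen
```

Run the script from the local console or an out-of-band session, so that a mistake in the port or firewall rule does not cut off your only way in.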

=== Additional Notes ===
In the Firewall Rules (Advanced) you have to enable Remote Desktop.

If, after changing these settings on 2012 R2, your connection is dropped right off the bat (you click Connect and it is as if nothing happened), it may just be that the certificate you used initially is no longer valid. To remove the old certificate, open mmc, add the Certificates snap-in, go to Remote Desktop, right-click the terminal server certificate, and delete it. Reboot. Once you are back at the login screen, try RDP again. This time it should work.

