Expertise Level: Medium
Windows servers are remotely accessible with Remote Desktop via the TCP 3389 port (default port). In some situations, as when you wish to obtain a more secure environment, changing the remote access port can be useful. This article explains how to proceed.
Important note: In order to maintain the access to your server after you change the access port, make sure your firewall is properly configured. To be safe, request a KVMIP or a virtual console if you are making the change for a virtual server.
The instructions below apply to machines under Windows Server 2012, 2008 R2, 2008, and 2003. Follow these steps:
- Connect to your server via Remote Desktop
- Click simultaneously on the Windows logo + R to open the “Run” dialog and execute the “cmd” command
- Open the registry editor by typing the “regedit” command
- Search for this registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
- Double-click or right-click on the “PortNumber” registry subkey, select the decimal base and type the port number of your choice (the default port is 3389, in this example, we selected port 3390). Click on “Ok” to save your selection.
- IMPORTANT: Make sure that remote access to your server through the new port is authorized in your Windows firewall before executing the next step.
- Exit the registry editor
- Restart your server
After the reboot, specify the Remote Desktop port number.