Change the Default RDP Port in Windows Server 2025

Change the Default RDP Port in Windows Server 2025

Overview

This article explains how to change the default Remote Desktop Protocol - RDP listening port on Windows Server 2025.

By default, Windows listens on TCP port 3389. Changing the port can reduce automated scanning and low-effort attacks, but it does not replace proper security controls.

Before You Begin

Requirements

- Local administrator access to the server

- Console access available in case of lockout

Choose a Port

- Select a TCP port between 1025 and 65535

- Avoid ports used by other services

- Record the selected port for documentation

Important: Do not close your current RDP session until the new port is confirmed working.

Step-by-Step - Change the RDP Port

Step 1 - Modify the Registry

1. Press Windows + R, type regedit, and press Enter.

2. Navigate to the following registry path:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

3. In the right pane, double-click PortNumber.

4. Select Decimal.

5. Enter your new port number (example: 3395).

6. Click OK.

Note: The value is a REG_DWORD. Always choose Decimal before entering the port.

Step 2 - Configure Windows Firewall

1. Open Windows Defender Firewall with Advanced Security.

2. Click Inbound Rules.

3. Click New Rule.

4. Select Port and click Next.

5. Select TCP.

6. Choose Specific local ports and enter your new port.

7. Select Allow the connection.

8. Choose the applicable profiles (Domain, Private, Public).

9. Name the rule (example: RDP - Custom Port 3395).

10. Click Finish.

Step 3 - Apply the Change

Option A - Restart the Server

- Reboot the server to activate the new port.

Option B - Restart Remote Desktop Services

- Open Services.

- Restart Remote Desktop Services.

- Allow dependent services to restart if prompted.

Step 4 - Connect Using the New Port

Use this format in Remote Desktop Connection:

ServerNameOrIP:Port

Example:

192.168.1.10:3395


Verification

Confirm the new port is listening:

netstat -an | find ":3395"

Replace 3395 with your chosen port.

Optional - Quick Registry Check via PowerShell

You can confirm the registry location exists with:

Get-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

Optional Hardening

- Disable inbound rules allowing TCP 3389 after verification

- Restrict access by source IP at firewall level

- Use VPN or secure tunnel solutions

- Implement multi-factor authentication

Rollback Procedure

1. Set PortNumber back to 3389(Decimal).

2. Ensure firewall rules allow TCP 3389.

3. Restart the server or Remote Desktop Services.

Summary

The default RDP port has been successfully modified and secured with updated firewall rules. Always verify connectivity before ending your administrative session.

    • Related Articles

    • Create a Self-Signed Certificate for an IIS Website on Windows Server 2025

      This guide shows the GUI method in IIS Manager and the PowerShell method. It also covers binding the certificate to a site and optional export. GUI method in IIS Manager 1) Open IIS Manager (inetmgr). 2) In the Connections pane, click your server ...

    • Create a New IIS Website on Windows Server 2025

      This guide covers recommended layout, IIS steps, and a PowerShell script to automate setup. Best practice folder layout • Create one folder per site outside wwwroot. • Example: – C:\inetpub\MyNewSite Step by step in IIS Manager GUI 1) Create the site ...

    • SQL Server Restore Troubleshooting (SSMS GUI)

      This guide lists common restore errors you may see when importing a .bak in SQL Server Management Studio and how to resolve them. Focus is on GUI-based fixes, with small T-SQL snippets where helpful. Quick checklist • Confirm the .bak is on the SQL ...

    • Restore a SQL Server Database from a .bak using SSMS (GUI)

      This guide shows how to restore a .bak file into SQL Server 2022 or SQL Server Express using SQL Server Management Studio (SSMS) only. No T-SQL required. Prerequisites • SSMS installed and you can connect as a login with restore rights. • The .bak ...

    • Fixed Database Roles Cheat-Sheet

      1. db_owner • Full control of the database (create/alter/drop objects, manage permissions, backup/restore, etc.). • Equivalent to being a “database admin.” • Use when: You want someone to manage everything in just one DB. ————— 2. db_datareader • Can ...

    • Popular Articles

    • How to add your Microsoft 365 Email on an iPhone using the Outlook app

      How to Set Up Microsoft 365 Email on Your iPhone Using Outlook This guide will walk you through downloading the Outlook app and adding your Microsoft 365 email account on your iPhone. ————— Step 1: Download the Outlook App 1. Open the App Store on ...

    • Outlook Error "5objp" when setting up email on Outlook App

      Follow these steps if you are having trouble signing into Outlook with your Microsoft 365 account: ————— Step 1: Start with the onmicrosoft.com Address • First, try signing in using the @myorg.onmicrosoft.com format email address. – Example: ...

    • How to update your credit card on file

      Do you need to update your credit card on file within the Twilight I.T. Customer Portal? Here is what you need to do... Step 1: Log into the portal at https://portal.twilightit.com Step 2: Click on BILLING in the top menu. Step 3: Click on PAYMENT ...

    • How to view or download invoices on your account

      Here is the process of viewing and/or downloading invoices on your account with Twilight I.T. Step 1: Log into the client portal at https://portal.twilightit.com Step 2: Click on the BILLING menu Step 3: From here you can view all your invoices. If ...

    • How to add your Microsoft 365 Email on an Android phone using the Outlook app

      How to Set Up Microsoft 365 Email on Your Android Phone Using Outlook This guide will walk you through downloading the Outlook app and adding your Microsoft 365 email account on your Android device. ————— Step 1: Download the Outlook App 1. Open the ...