Quickly Change RDP Port using PowerShell

When you connect to a computer through the Remote Desktop client, the Remote Desktop feature on your computer “hears” the connection request through a defined listening port (3389 by default).

Some organizations prefer to change the default RDP port (3389) to a custom port to make it more challenging for potential attackers to gain unauthorized access.

Fortunately, with the power of PowerShell, changing the RDP port becomes a straightforward process. By executing a single command in PowerShell, you can customize your RDP port to suit your specific requirements. This not only adds an extra layer of security but also allows you to have greater control over your remote desktop connections.

In this section, we will explore step-by-step instructions on how to change the listening port for Remote Desktop using PowerShell. By following these guidelines, you will be able to implement this crucial security measure with ease and confidence. You can also change RDP port number using SCCM or manually by editing the registry.

PowerShell Script to Change RDP Port

The below PowerShell script lets you change RDP port from default 3389 to a custom port. Before running the below PS script, you’ll need to specify the custom port for RDP.

To run the below script, copy and paste it to a text editor and change the name to something like changeRDPport.ps1. On your Windows Server or client, launch the Windows PowerShell as administrator and run the below script.

$portvalue = 3390

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue 

New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue 
New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue

Verifying the new RDP Port

After you have modified the RDP port number using the above script, you can run a simple PowerShell command to verify the RDP listening port. You can also use CMPivot query to quickly determine the RDP port of a client computer or Windows server.

Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"
Verifying the new RDP Port | Change RDP Port
Verifying the new RDP Port | Change RDP Port


Hi, I am Pragati. As a Technical Consultant, I help businesses harness the latest innovations in Cloud applications, Intune, Windows 365, and more. Sharing my knowledge and insights through this blog to inspire and empower others in their digital transformation. Let's revolutionize the way we work and thrive in the cloud era together!

Related Articles

Back to top button