Quickly Change RDP Port using PowerShell
When you connect to a computer through the Remote Desktop client, the Remote Desktop feature on your computer “hears” the connection request through a defined listening port (3389 by default).
Some organizations prefer to change the default RDP port (3389) to a custom port to make it more challenging for potential attackers to gain unauthorized access.
Fortunately, with PowerShell, changing the RDP port is a straightforward process. By running a short script, you can set the RDP port to suit your specific requirements. This adds an extra layer of security and gives you greater control over your remote desktop connections.
In this section, we will walk through step-by-step instructions on how to change the listening port for Remote Desktop using PowerShell, so you can implement this security measure with ease and confidence. You can also change the RDP port number using SCCM or manually by editing the registry.
PowerShell Script to Change RDP Port
The PowerShell script below changes the RDP port from the default 3389 to a custom port and adds inbound firewall rules that allow TCP and UDP traffic on that port for the Public profile. Before running the script, set the custom port for RDP in $portvalue.
To run the script, copy and paste it into a text editor and save it with a name such as changeRDPport.ps1. On your Windows Server or client, launch Windows PowerShell as administrator and run the script.
# Custom RDP listening port
$portvalue = 3390
# Write the new port to the RDP-Tcp listener configuration
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue
# Allow inbound TCP and UDP on the new port (Public profile)
New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue
New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue
Verifying the new RDP Port
After you have modified the RDP port number using the above script, you can run a simple PowerShell command to verify the RDP listening port. You can also use a CMPivot query to quickly determine the RDP port of a client computer or Windows server.
Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"
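The registry query above only shows the configured value. The following added example (not part of the original article) also checks whether a listener is actually bound to that port and whether an enabled inbound allow rule covers the network profile currently in use. Test-RdpPortChange is a hypothetical helper name, and the checks are read-only.

```powershell
# Added example, read-only: run in an elevated PowerShell session.
# Test-RdpPortChange is a hypothetical helper name, not a built-in cmdlet.
function Test-RdpPortChange {
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $port = (Get-ItemProperty -Path $key -Name 'PortNumber').PortNumber

    # The registry value is read when Remote Desktop Services (TermService) starts,
    # so check what is actually listening, on the new port and on the old default.
    $onNew = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)
    $onOld = [bool](Get-NetTCPConnection -State Listen -LocalPort 3389 -ErrorAction SilentlyContinue)

    # Firewall profiles currently in use (DomainAuthenticated maps to the Domain profile).
    $active = @(Get-NetConnectionProfile | ForEach-Object {
        if ($_.NetworkCategory -eq 'DomainAuthenticated') { 'Domain' } else { "$($_.NetworkCategory)" }
    } | Select-Object -Unique)

    # Enabled inbound allow rules whose TCP port filter names this port exactly
    # (rules written as a port range are not matched by this simple comparison).
    $rules = @(Get-NetFirewallPortFilter -Protocol TCP |
        Where-Object { $_.LocalPort -contains "$port" } |
        Get-NetFirewallRule |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' })

    # Active profiles that no matching rule covers.
    $uncovered = @($active | Where-Object {
        $name = $_
        -not ($rules | Where-Object {
            $p = "$($_.Profile)"
            $p -eq 'Any' -or ($p -split ',\s*') -contains $name
        })
    })

    [pscustomobject]@{
        ConfiguredPort      = $port
        ListeningOnNewPort  = $onNew
        ListeningOnPort3389 = $onOld
        ActiveProfiles      = $active -join ', '
        MatchingAllowRules  = $rules.DisplayName -join ', '
        ProfilesWithoutRule = $uncovered -join ', '
    }
}

Test-RdpPortChange | Format-List
```

If ListeningOnNewPort is False while ListeningOnPort3389 is True, the registry change has not taken effect yet; it is applied when the Remote Desktop Services service restarts or the machine reboots. A non-empty ProfilesWithoutRule means the active network profile has no matching allow rule, which is the result of the script above on a machine whose network is not classified as Public.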