This article explains how to change the network port for Remote Desktop on a Windows Server. It is typically done to work around firewall restrictions or as an additional security measure.

Warnings:

  • Changing the default RDP port should be used as an addition to normal server security measures - not as an alternative.
  • making these changes will prevent the RDP file for your VPS(found in mPanel) from connecting unless it is modified. If you are not sure you understand the changes being made, please back up your VPS first, or don't change anything.


Part 1:Configuring The RDP File


1.1 Log into mPanel and browse to the remote access page for the VPS. Download the RDP file for your VPS, saving with a file name which can be easily identified as a modified version. e.g. newrdpport.rdp


Save-RDP-File-with-Alternative-Name


1.2 Locate the downloaded RDP file to used to log into the VPS, then right-click it and select Edit from the menu dialogue.


RDP-Alt-File-Append-Port


1.3 In the Computer: field enter the IP address of your VPS followed by a colon and the new RDP port number you will be using. e.g. 103.1.188.189:23654


1.4 Click the Save button in the 'Connection settings' section just below where you entered the VPS IP and new RDP port to use.


Part 2: Configuring the VPS Firewall


2.1 Open the Windows Firewall configuration dialogue on the VPS. Click the Start menu and go to Settings -> Control Panel -> Windows Firewall(usually the last Control Panel item).


Open-Win-Firewall-VPS


2.2 Click the 'Exceptions' tab in the Windows Firewall window.


Firewall-Exceptions-Tab-Click-Add-Port


2.3 Click the 'Add Port' button to bring up a new configuration window.


Add-Port-Enter-Name-and-Port


2.4 Enter a name for the new firewall rule being created, and the same port number entered into your RDP file in Part 1.3 of the guide. Leave the default TCP option selected and click OK.


Example:

Name: Alternate RDP Port

  Port Number: 23654


Note: If you will only be accessing your VPS from a static IP address(or addresses), you can add the IP address in the 'Change Scope' section using the 'Custom List' option for additional security.


2.5 Click the OK button to exit the Windows Firewall configuration and save the changes.


Part 3. Editing the Windows registry on the VPS


3.1 Open the registry editor on the VPS by clicking the Start menu, go to Run... and type in 'regedit' (without including the quotation marks) and click OK or hit the enter key.


Open-Run-Box

Start-Regedit


3.2

In the registry editor, navigate to the registry key 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'.


Navigate-to-Registry-Key


3.3 Scroll down the right side of the window and double-click 'PortNumber'.


3.4 Select the 'Decimal' option in the Edit DWORD Value' window.


3.5 Enter the same port number you chose as your new RDP port in Part 1.3 of the guide, then click OK.


Click-Decimal-and-Change-Port


Part 4. Testing the changes


4.1 Restart your VPS with the facilities provided in mPanel or from the Shut down menu on the VPS.


Restart-VPS-for-Port-Change-Test


4.2 Once mPanel indicates the VPS is back online and responding to pings, double-click the RDP file previously edited in Part 1. of the guide. A security warning dialogue will open. Check the 'Don't ask me again for connections to this computer' box to prevent this popping up each time you want to connect to your VPS, then click Connect.


Accept-Sec-Certificate-Check-Dont-Nag


4.3 The VPS desktop login dialogue should appear if the change was successful. You should notice the port number in use is displayed in the window title. Enter your VPS login credentials and check your VPS' desktop is as you left it.


Successful-RDP-Port-Change-Login-Screen


4.4 After successfully logging into the VPS using the new RDP port the default RDP firewall rule can be disabled(deselected) and the configuration saved by clicking OK.


VPS-Firewall--Exceptions-Uncheck-Remote-Desktop


4.5 The new configuration can be tested by attempting to connect to the VPS with the original(unmodified) RDP file. Attempting to connect to the VPS with the original RDP file should fail.