Windows Server is no longer accessible via RDP after Windows Update

Due to an update from Microsoft, the RDP port may be blocked.

We recommend changing the RDP port and adjusting the firewall accordingly. Please note that if you change the port without adjusting the firewall, you can lock yourself out completely.

 

Graphical solution

 

Customize RDP port

You can change the RDP port via the registry. To do this, enter "regedit" in the search field, right-click the result and choose "Run as administrator" to open the registry editor with administrator rights.

Now navigate to: "Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp".

Double-click the "PortNumber" entry and switch the base to "Decimal". You can now set the new value for the RDP port.

 

Windows Firewall Customization

Navigate to "Inbound Rules". Here there is an entry for "Remote Desktop (TCP incoming)". In this predefined rule, port TCP 3389 is set by default and cannot be changed. To allow a new port number for RDP, you have to create a new rule. To do this, create an additional rule for TCP via "New rule" and enter the port number you defined earlier.
Afterwards, the default rule for port 3389 can be deactivated if you no longer need this port.

 

Restart Remote Desktop Service

After creating a new rule in the firewall, the RDP service must be restarted.
Important: Do not stop the RDP service, because you would lock yourself out. You must RESTART the RDP service here.

After the adjustments have been made and the default rule for port 3389 has been deactivated, a login via RDP is only possible via the newly defined port. To do this, enter the IP address and the new port when connecting:

<IP address>:<Port>

 

Shell solution

You can also make the changes in the shell. To do this, open a PowerShell window as administrator and enter the following:

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "PortNumber" -Value 3390

Sets the port to "3390".

New-NetFirewallRule -DisplayName 'RDP TCP IN' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3390
New-NetFirewallRule -DisplayName 'RDP UDP IN' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort 3390

Creates the firewall rules for TCP and UDP.

Subsequently, the RDP service is restarted (-Force is required because other services depend on it):

Restart-Service -Name TermService -Force
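
The steps above combined into one script, as an added example that is not part of the original article: it opens the firewall before moving the port, checks that RDP is actually listening afterwards, and reverts the registry value if it is not. The function name Set-RdpPort is hypothetical; the port 3390, the rule names and the 'Public' profile are taken from the commands above.

```powershell
#Requires -RunAsAdministrator
# Added example. Set-RdpPort is a hypothetical helper name, not a built-in cmdlet.
function Set-RdpPort {
    param([Parameter(Mandatory)][ValidateRange(1, 65535)][int]$Port)

    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $old = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
    if ($old -eq $Port) { return "RDP already uses port $Port" }

    # Refuse a port that another process is already listening on.
    if (Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue) {
        throw "TCP port $Port is already in use."
    }

    # The rules below use the 'Public' profile as in the article; warn if no
    # active network is Public, because the rules would then not apply.
    if ((Get-NetConnectionProfile).NetworkCategory -notcontains 'Public') {
        Write-Warning "No active network uses the Public profile; adjust -Profile."
    }

    # 1. Open the firewall first, so the new port is reachable before RDP moves.
    foreach ($proto in 'TCP', 'UDP') {
        $name = "RDP $proto IN"
        if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) {
            Set-NetFirewallRule -DisplayName $name -LocalPort $Port -Enabled True
        } else {
            New-NetFirewallRule -DisplayName $name -Profile 'Public' -Direction Inbound `
                -Action Allow -Protocol $proto -LocalPort $Port | Out-Null
        }
    }

    # 2. Write the new port, then restart (never just stop) the service.
    Set-ItemProperty -Path $key -Name PortNumber -Value $Port
    Restart-Service -Name TermService -Force

    # 3. Confirm the listener; fall back to the old port if it did not come up.
    Start-Sleep -Seconds 5
    if (-not (Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue)) {
        Set-ItemProperty -Path $key -Name PortNumber -Value $old
        Restart-Service -Name TermService -Force
        throw "RDP is not listening on $Port; reverted to $old."
    }
    "RDP moved from port $old to $Port"
}

Set-RdpPort -Port 3390
```

Restarting the service disconnects the current RDP session; reconnect on the new port before deactivating the default rule for port 3389.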
