Using an alternate port for Terminal Services (RDP)

There can be several reasons to use an alternate port for remote terminal server access. Perhaps you have only one public IP address, but need to publish two terminal servers on that address. Perhaps you want to hide the server using a non-standard port so hackers don't see the terminal server as easily. Whatever the reason, the process if very simple.

This process works for all flavors of Microsoft server from 2000 through 2008, and for every Microsoft client that currently supports remote desktop connections

Edit the registry

  • Open the registry for the machine you wish to modify

  • Browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp 

  • Find the "PortNumber" subkey, and notice if it has either a hex value of "00000D3D" or the decimal value of "3389"
  • Modify the the value to have the decimal equivalent of the port you wish to change Terminal Services to
That's it. Keep in mind, if using Microsoft Terminal Services Client, or Remote Desktop connection, you'll need to add a colon after the IP address and before the new port number, so for example:
  • If the IP address was, and you were changing the port to 3333, then you would enter
Also keep in mind you may need to make firewall changes on both the client and the server depending on your configuration.



More from the Author

Jay Valente

Solution Architect