Remote Desktop Protocol (RDP) is a key tool for many IT professionals and remote workers. It allows users to connect to other computers (mainly used on Windows OS computers) over a network connection.

Knowing which port RDP uses is important for setting up secure remote access and for allowing firewall access to servers remotely.
RDP typically uses TCP port 3389 by default.
This TCP port is set by Microsoft for RDP connections on Windows systems. When you enable Remote Desktop, the service starts listening on port 3389.
This port must be open in firewalls to allow RDP traffic. Some organizations change the default port for security reasons. When connecting to a computer with a non-standard RDP port, users need to specify the new port number on the RDP client.
IT admins should consider security best practices when using RDP for remote access because this protocol is prone to vulnerabilities and introduces high risk for unauthorized access.
UDP Port 3389 For Better Performance
Although the standard port for RDP is TCP 3389, you can have a mixed configuration whereby you can have both TCP and UDP 3389 for Remote Desktop Protocol. Actually, by default the RDP service listens to both UDP and TCP on Windows systems.
See the screenshots below for my own Windows system:
![]()
![]()
As you can see from above, port 3389 (RDP) listens on both TCP and UDP.
Having UDP is known for offering faster performance and connection speed especially for graphics and multimedia since UDP has lower overhead and is better for real-time data.
Therefore, when you are configuring your local windows firewall, or the external hardware network firewall, it is better to allow both UDP and TCP 3389 to pass.
Understanding Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP) enables remote access and control of desktops, servers, and applications. It is mostly used on Windows machines.
The Role of RDP in Remote Administration
RDP is key for IT teams managing remote systems. It lets admins access Windows servers and workstations from anywhere. This saves time and travel costs.
RDP works on Windows 10, 11, and Server versions like 2016, 2019, and 2022 (and also on older OS versions as well). It sends screen images, mouse clicks, and keyboard input between devices.
The protocol encrypts data for security. This protects sensitive info during remote sessions. RDP clients are built into Windows. Third-party apps exist for other systems too.
IT pros use RDP to fix issues, update software, and manage settings on far-away machines. This keeps systems running smoothly without on-site visits.
How to Change the Standard RDP Port Number
The default RDP port is 3389 as we mentioned above.
For added security, you can change this port. To do so, modify the Windows Registry:
Search for “regedit” and click on Registry Editor.
Find the “PortNumber” value in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
You need to right click on the above “PortNumber” field and select Modify. Change to Decimal and put a new port number and save.
Port Forwarding for RDP Access
Port forwarding lets you access RDP from outside your local network. Set up port forwarding on your router to direct incoming traffic to the right internal IP address.
Choose a different external port for added security. For example, use port 3390 externally to forward to 3389 internally. This helps hide your RDP port from potential attackers.
Remember to update your firewall rules when changing ports. Allow both TCP and UDP protocols for smoother RDP performance.
Security Measures and Concerns for RDP
Remote Desktop Protocol (RDP) offers convenience but brings security risks. To use RDP safely, it’s key to put strong protections in place and be aware of potential threats.
Protecting Against Unauthorized Access
RDP can be a target for hackers. They often try to guess passwords or use stolen ones. To stop this, use strong passwords with letters, numbers, and symbols. Set up account lockout rules to block users after too many wrong tries.
Don’t let RDP connect straight from the internet. Use a VPN or firewall to limit who can reach it. Change the default port 3389 to a random one to make it harder to find.
Keep systems up to date with the newest patches. Old software can have vulnerabilities that attackers use to get in.
If you must allow users to connect via RDP over the internet, then allow firewall access only from specific static IP addresses and do not allow the whole Internet (any source) to connect.
Encryption and Secure Channels
RDP sends data over networks. Without protection, someone could steal this info. Use built-in RDP encryption to scramble the data. For more safety, set up a VPN. This makes a secure tunnel for RDP traffic.
Check that RDP uses the latest security settings. Older versions might have weaker encryption. Make sure to pick the strongest options in your RDP setup.
Authentication and Access Control
Good authentication stops unwanted users from getting in. Turn on Network Level Authentication (NLA). This checks users before they fully connect.
Set up multi-factor authentication (MFA). This asks for more than just a password, like a code from your phone (called “One Time Password”). It makes it much harder for attackers to break in.
Limit who can use RDP. Only give access to those who really need it. Use group policies to control these permissions or give remote desktop access only to specific local users on the Windows machine. Regularly check and update who has access.
Use of Remote Desktop Gateway (RD Gateway)
This is a Role within Windows Server that enables authorized remote users to connect to resources on an internal corporate network from any internet-connected device.
It is a good security practice in Enterprise environments to use an RD Gateway since it uses tunneling of RDP over HTTPs, and its benefits include avoiding direct exposure of port 3389, centralized access control, use of encrypted SSL/TLS communication and much more.
How RD Gateway Works Briefly:
- A remote user initiates an RDP connection to the RD Gateway server.
- The connection is established using HTTPs (port 443).
- The user authenticates to the gateway.
- If authentication succeeds and connection policies allow, the gateway establishes an RDP connection to the requested internal resource.
- The gateway then tunnels RDP traffic between the client and the internal resource.
Related Posts
- Difference Between Routers and Switches in TCP/IP Networks
- 11 Different Types of IP Addresses Used in Computer Networks
- Compare and Contrast Network Topologies (Star, Mesh, Bus, Hybrid etc)
- 11 Networking Companies Like Cisco (Competitors)
- What is a Wildcard Mask – All About Wildcard Masks Used in Networking