Multiple Ports for RDP

Is there a way to manually input a port number when opening a Remote Desktop session. Scenario: there is a separate network containing two machines I need to manage from my remote location. The firewall precludes entrance to that network with the exception of when I mstsc to the firewall's exterior IP, port forwarding see's my IP and that I'm connecting through port 3389 and connects me to the server within that network. Can I set up another port forwarder for a different RDP port to connect to the other server in the same fashion as the first?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

dynamik

Yes: http://support.microsoft.com/kb/306759

You might want to also consider setting up a VPN as well. You wouldn't have to mess around with stuff like this if you had one in place.

flares2

Thanks dynamik, I ran across that too. My concern with that is that I can change the listening port on the remote server, but if I mstsc to the exterior firewall IP, wouldn't it default to 3389 as the source and go to the currently set up server.
I agree that a VPN would most likely be best, but company policies are company policies you know. I don't make them, I just follow them.

pennystrader

Use the Windows registry
regedit

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Terminal Server/WinStations/RDP-Tcp
Double click on the RDP-Tcp registry entry.
Click on the PortNumber key and double click it. Change the value to decimal mode. After you make the change, the Value Data field should read 3389. This is the default port–now type a new number, click OK, then reboot the computer. This computer is now ready to accept RDP connections on that port. I would start at 3389 and go up from there depending on how many computers you want to have access to: 3390, 3391, 3992, etc. Make sure your firewall of course is also updated so your computer can listen on each port.

snadam

flares2 wrote:

Thanks dynamik, I ran across that too. My concern with that is that I can change the listening port on the remote server, but if I mstsc to the exterior firewall IP, wouldn't it default to 3389 as the source and go to the currently set up server.

yes, but you can manually add the port number in mstsc simply by putting in the port number after the server name or IP Address (with a colon separating the two) servername:port

example: 'abcCorp:12345'

RussS

On the button snadam

ULWiz

I used the method someone else suggested. I manually went into the registry and changed 3389 to 3391.

sprkymrk

flares2 wrote:

Thanks dynamik, I ran across that too. My concern with that is that I can change the listening port on the remote server, but if I mstsc to the exterior firewall IP, wouldn't it default to 3389 as the source and go to the currently set up server.
I agree that a VPN would most likely be best, but company policies are company policies you know. I don't make them, I just follow them.

You need to create a rule on your firewall to listen on the new port and send it to the appropriate server. There are a few ways to do this, knowing your situation/setup/needs would help me make a suggestion one way or another.

flares2

Thanks for all the help guys. Snadam, that was exactly what I was looking for. For some reason that never dawned on me. I earlier tried Start>Run> mstsc:3390 and had no idea why it wasn't working. Durrr.....common sense wins again.