How can I change the default port that Terminal Services listens on?

By default, Terminal Services uses TCP port 3389 for client connections. This port is not blocked by the campus firewall. You can use the following instructions to improve security by changing the port to 513, which is blocked by the campus firewall, and should not conflict with any other services running on a Windows machine.

  1. Change the port for any new RDP listeners created in the Terminal Server Manager:
    1. Run regedit.exe and go to this key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
    2. Find the “PortNumber” subkey and notice the value of 00000D3D, hex for (3389). Modify the port number in decimal to 513
  2. Change any existing RDP listeners (only one is created with a default installation).
    1. Run regedit.exe and go to this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp
    2. Find the “PortNumber” subkey and notice the value of 00000D3D, hex for (3389). Modify the port number in decimal to 513.
  3. On the next reboot, the Terminal Server will be listening on port 513.
  4. To connect to the new port, use the XP RDP Client (this client will work on any Windows OS) and connect using the syntax computername:513

Note: To connect to the Terminal Server from off campus, you will now need to use the VPN to connect into the Campus Network, first. On-campus access will not require use of the VPN.

How can I connect to a Terminal Server that is running on a non-standard port?

  1. If your client machine is running XP, skip this step. Otherwise, download and install the XP RDP Client (this will run on any Windows OS) .
  2. Go to Start -> Run and type “mstsc.exe”.
  3. Type in MyComputerName:portnumber and click “Connect”.terminal 3