RDP Connection port
Optimizing RDP client/server for casual use. Make it use less bandwidth. Get higher throughput and adaptive transfers.
Since sometime around 2000 I have been working remotely over RDP. It is my preferred way of working since it allows me to have one main computer and my laptops are just a terminal. I have worked on low bandwidths, high bandwidths and everything in-between. For the most part the default settings served me well, but in some cases you may want to optimize it a bit further – and this is where this guide may be of help.
If you do not want to dig into the dirty details then just follow this list.
- Open up UDP port 3389 in your firewall/port forwarder. Both TCP and UDP should be open.
- Open the Group Policy Editor: gpedit.msc
- Navigate to “Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host”
- Set “Configure compression for RemoteFX data” to “Enabled” and choose “Optimized to use less network bandwidth” if you have enough RAM, or “Balances memory and network” or “Optimized to use less memory” if not.
- If you always connect through LAN/VPN then disable host-to-client encryption: Go to “Security” and set “Set client connection encryption level” to “Low level”. (Warning: Do not do this if you are not on a secure network.)
Of course you have to open/forward TCP port 3389 to enable RDP. Since RDP 8.0 (which came as an update to Windows 7 and Windows Server 2008 R2) there have been some additional improvements to the protocol. Notably, a UDP connection has been added for adaptive/lossy transfer. Microsoft describes it as: “This feature offers advanced techniques such as intelligent and adaptive UDP transports, network loss tolerance, and recovery to provide a fast and fluid experience to users on a WAN.” The immediate effect I spotted when opening the UDP port was that sound and picture were synced in videos, and that I could run a fullscreen 1080p (cartoon) video smoothly over a remote connection. The video was encoded in lower quality than its source, but it still played and the RDP connection worked smoothly.
Enable/forward UDP port 3389. Meaning that you will have both TCP and UDP port 3389 open/forwarded to your RDP host.
PS! If it is unclear what “enable/forward” means: The ports have to be opened in any firewall (local or on network), and in the case of NAT the port has to be forwarded.
Under group policy “Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment”.
In “Configure compression for RemoteFX data” change the compression level to what suits you best. Note that “Do not use an RDP compression algorithm” will use a lot of bandwidth. Set this to “Optimized to use less network bandwidth” if you suspect bandwidth is your bottleneck.
Up to Windows 7 this option was called “Set compression algorithm for RDP data”.
Under group policy “Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security”.
The setting “Set client connection encryption level” allows you to change the encryption level of your connections. For most cases it is strongly recommended to keep encryption enabled. Setting it to “Low level” will encrypt data sent from the client to the server (mouse/keyboard), while not encrypting data sent from the server to the client. The setting “Client Compatible” will attempt to negotiate the strongest encryption supported by both ends. The setting “High level” (recommended) will use 128-bit encryption for data both sent and received.
Note that decrypting data is not a CPU-intensive operation, so encryption has little or no impact on the client.
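To check what the steps above actually left in place on the host, the following read-only PowerShell audit reports the effective encryption and compression policy and lists the enabled inbound firewall rules for port 3389 with their source scope. It is an added example, not part of the original guide; the registry value names (MinEncryptionLevel, MaxCompressionLevel) and their numeric mappings are the ones these policies store, not something the guide states, and the script assumes an elevated prompt on Windows 8 / Server 2012 or later.

```powershell
# Added example: read-only audit of the RDP settings discussed in this guide.
# Assumes an elevated PowerShell on the RDP host with the NetSecurity module.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$policy    = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue

# Numeric values the two group policy settings write to the registry.
$encryptionNames  = @{ 1 = 'Low level'; 2 = 'Client Compatible'; 3 = 'High level' }
$compressionNames = @{
    0 = 'Do not use an RDP compression algorithm'
    1 = 'Optimized to use less memory'
    2 = 'Balances memory and network bandwidth'
    3 = 'Optimized to use less network bandwidth'
}

function Resolve-PolicyValue($value, $names) {
    if ($null -eq $value) { return 'Not configured (system default applies)' }
    if ($names.ContainsKey([int]$value)) { return $names[[int]$value] }
    return "Unrecognized value $value"
}

[pscustomobject]@{
    EncryptionLevel  = Resolve-PolicyValue $policy.MinEncryptionLevel $encryptionNames
    CompressionLevel = Resolve-PolicyValue $policy.MaxCompressionLevel $compressionNames
} | Format-List

if ($policy.MinEncryptionLevel -eq 1) {
    Write-Warning 'Encryption level is Low: server-to-client data is not encrypted.'
}

# Enabled inbound allow rules that cover port 3389, with protocol and source scope.
$rules = Get-NetFirewallPortFilter |
    Where-Object { $_.LocalPort -contains '3389' } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }

$open = foreach ($rule in $rules) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule = $rule.DisplayName; Protocol = $port.Protocol
        Profile = $rule.Profile; RemoteAddress = ($addr.RemoteAddress -join ',')
    }
}
$open | Format-Table -AutoSize

foreach ($proto in 'TCP', 'UDP') {
    if (-not ($open | Where-Object Protocol -eq $proto)) {
        Write-Warning "No enabled inbound allow rule for $proto 3389."
    }
}
$open | Where-Object RemoteAddress -eq 'Any' | ForEach-Object {
    Write-Warning "Rule '$($_.Rule)' accepts $($_.Protocol) 3389 from any address."
}
```

A host that reports “Low level” together with a rule whose remote address is “Any” is the combination the warning in the quick list is about: unencrypted server-to-client traffic reachable from outside the LAN/VPN.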
If you are the admin of an RDP host server and you want to put certain limitations on your users, there is a whole set of options you can change. To mention some:
If your desktop host is Windows 7 or higher running as a Hyper-V virtual machine guest OS then you can enable RemoteFX. RemoteFX requires a compatible graphics card, and in short it gives your RDP session into the virtual host access to GPU hardware. For example, I successfully started Battlefield 4 by RDP’ing into a Windows 8 virtual guest OS. It ran remotely (around 20Mb network connection) and it was very laggy (around 10 fps), but it did run nevertheless.