RDP TLS Certificate Deployment Using GPO

Remote Desktop Connection port 3389

Port / September 3, 2021

Windows Firewall doesn't block outgoing ports, only incoming ports. Computers send and receive data over Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports. Windows 8 uses both TCP and UDP port 3389 to communicate via Remote Desktop Connection (RDC), but since hackers can exploit the port to execute a denial-of-service attack on a target, Windows Firewall leaves these ports disabled. To establish a remote connection with another computer while reducing your risk of attack, leave port 3389 enabled only when you're using RDC.

Point to the top right of the screen or press "Windows-C" to open the Charms bar. Click "Search."

Enter "firewall" into the search field, click "Settings" and then click "Windows Firewall."

Select "Advanced Settings" from the left pane to open Windows Firewall with Advanced Security.

Click "Inbound Rules," scroll to the right to see more categories and then click the "Local Port" field to sort the existing rules.

Locate TCP port 3389 in the list. Double-click the associated rule, "Remote Desktop - User Mode (TCP-In)."

Select "Enabled" on the General tab, and then click the "Advanced" tab. Deselect "Domain," "Private" or "Public." (For improved security when connecting to unsecured networks, uncheck "Public.")

Click "OK" to enable TCP port 3389, and then close Windows Firewall.


  • You must also enable "Remote Desktop - User Mode (UDP-In)" to use Remote Desktop.
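The same steps can be scripted so the rules are switched on only for the duration of a session and switched off afterwards. This is an added example, not part of the original article: the function names `Set-RdpFirewallState` and `Get-RdpFirewallState` are hypothetical, and it assumes an elevated PowerShell session, the NetSecurity cmdlets that ship with Windows 8 and later, and the English rule display names quoted above.

```powershell
# Added example: toggle the two built-in Remote Desktop inbound rules named on this page.
# Assumes an elevated session and English rule display names.
$RdpRules = @(
    'Remote Desktop - User Mode (TCP-In)',
    'Remote Desktop - User Mode (UDP-In)'
)

function Set-RdpFirewallState {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][bool]$Enable,
        # Network profiles the rules apply to; Public is left out by default (assumption)
        [string]$NetProfile = 'Domain, Private'
    )
    foreach ($name in $RdpRules) {
        $rule = Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue
        if (-not $rule) {
            # A missing rule means RDP would stay half-configured; report it instead of failing silently
            Write-Warning "Firewall rule not found: $name"
            continue
        }
        if ($PSCmdlet.ShouldProcess($name, "Set Enabled=$Enable")) {
            if ($Enable) {
                $rule | Set-NetFirewallRule -Enabled True -Profile $NetProfile
            } else {
                $rule | Set-NetFirewallRule -Enabled False
            }
        }
    }
}

function Get-RdpFirewallState {
    # Shows each rule with its state, profiles, protocol and local port for verification
    Get-NetFirewallRule -DisplayName $RdpRules -ErrorAction SilentlyContinue | ForEach-Object {
        $filter = $_ | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Rule      = $_.DisplayName
            Enabled   = $_.Enabled
            Profile   = $_.Profile
            Protocol  = $filter.Protocol
            LocalPort = $filter.LocalPort
        }
    }
}

# Before connecting:  Set-RdpFirewallState -Enable $true;  Get-RdpFirewallState
# After the session:  Set-RdpFirewallState -Enable $false; Get-RdpFirewallState
```

Adding `-WhatIf` to `Set-RdpFirewallState` previews the change without applying it.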

Source: itstillworks.com