Quite often, users who use some software products or system tools to access their own computers or other features of installed software from outside via the Internet have to open (forward) ports specially designed for this purpose. One of the main ones is port 3389. How to open it using a few simple techniques for this, then we'll see. But first, let's find out why it is needed at all.
What is port 3389 used for?
By default, in almost all versions of Windows, ports used and not used for outgoing or incoming connections are activated or blocked directly by the system. Therefore, it is unlikely that in standard settings port 3389 is closed.
By default, the system uses it for remote access (RDP), in which the port is freed automatically. Another thing is that it can be intercepted by some other program or deactivated on the router when it is necessary to connect to several computer terminals at the same time. Thus, questions arise about how to open port 3389, if it is blocked in the standard setting.
Port opening in the firewall
As the very first and simplest solution, you can suggest opening the port directly in the settings of the built-in Windows firewall, called the firewall. Suppose that a user needs to activate a port so that it can connect to a configurable computer from another PC, laptop, or mobile device. How to open port 3389?
To do this, call the firewall settings section using the Run menu and the firewall.cpl command, then go to additional parameters, select the incoming connections item on the left side of the menu, and the new rule creation point on the right. In the "Wizard" indicate that the rule is created for the port, set TCP as the protocol type and enter the port number (3389) in the corresponding field. Network type settings, in principle, can be left unchanged, but it is still recommended to uncheck the box for public networks (this is required to ensure more complete security). Upon completion of all actions, the port will be open.
Port forwarding on the router
In some cases, the above steps are not enough, because the same port cannot be used for specific computer terminals connected to the router or located on the same wireless network. How to open port 3389 in this situation? To do this, use a technique called port forwarding (from English Port forwarding).
Via any installed web browser, go to the router settings by writing in the address bar the value indicated on the nameplate located on the back of the device (usually it is 192.168.0.1 or ending with 1.1), enter the login and password (usually Admin is used for both fields ), then go to the forwarding section, in which the virtual servers tab automatically opens, add a new rule by clicking the corresponding button, enter the service port number (or range of numbers) and internal port (3389), specify the protocol type and you take all types if you donβt know exactly what to use. From the drop-down list, select the desired service, although this is optional), and then set the port status to enabled. Please note immediately that a static address is entered as the IP address, which must be specified in the IPv4 protocol settings. In the case of dynamic addresses, you can use the address range that can be found in the activation section of the DHCP server. If the connection still remains inactive for some reason, write down the same parameters in the Port Triggering section (for example, when using TP-Link routers), then save the changes and reboot the router.
What to do if port 3389 is not listening?
If the actions for opening the port do not work in any of the described cases, in the parameters of the router if you have a dynamic address, try to bind the port to the computer using the MAC address, which will not be difficult to find if you use the properties of an active network connection. Also sometimes changing the port number of the terminal server in the registry helps.
In the editor (regedit), go through the HKLM branch and find the RDP-Tcp section there, and on the right change the value of the PortNumber key from set to 3389, then reboot the system.
If you change port 3389 to another, you will need to restart the terminal server service. To do this, at the command prompt, run two commands:
- net stop TermService;
- net start TermService.