Port 3389: What Is It Used for & How to Open It for RDP

This post introduces the uses and security of port 3389. We also offer you a step-by-step tutorial to open the port for Remote Desktop access. If you are going to use RDP to access your remote device, keep reading to get the tips!


By Hester / Updated on February 16, 2023

Share this: instagram reddit

What is port 3389 used for?

What is 3389 port used for? It is used to allow users to connect to remote computers. For instance, Microsoft Remote Desktop Protocol typically uses TCP port 3389 to enable Remote Desktop connections to other computers. It allows remote network access over an encrypted route.

Port 3389

Is port 3389 safe?

While most of the time, this access is legitimate and authorized by the physical machine's owner, and there are still some port 3389 vulnerabilities. These vulnerabilities illustrate the risks and difficulties of maintaining secure remote access because it might be an open window for hackers to access your systems.

There are several approaches to tackle port 3389 vulnerabilities to protect a computing environment:

Use secure tunneling to encrypt and secure port 3389.

Firewalls can also be set to allow access to port 3389 only from a predefined list of safe IP addresses. Unfortunately, hackers who have hijacked a computer on the safe list and used it as a platform for initiating cyberattacks can defeat this defense technique.

Change port 3389 to an alternative port number to slow down and limit the risks.

How to open the RDP port to enable Remote Desktop access to your device [2 cases]

Since RDP port 3389 is the default for using the Remote Desktop, you need to open the port if you want to perform a remote session. Let's talk about how to open the port to make your device RDP accessible in two cases: on the LAN or outside the network.

Case 1. Allow Remote Desktop on the local network [through Windows Firewall]

To remote access a PC on the same network via RDP, you need to open the port through Windows Firewall.

Step 1. Open Windows Firewall, and choose Allow an App or Feature Through Windows Defender Firewall.

Allow App or Feature

Step 2. Click Change settings, tick Remote Desktop, then click OK.

Tick Remote Deskop

Case 2. Allow Remote Desktop over the Internet [through router]

If you want to make the RDP port accessible over the Internet, the RDP port should both be allowed through Windows Firewall and forwarded through your main Internet router to work correctly.

Before starting port forwarding, ensure you have gotten the IP address information and checked your router’s user manual for the login details.

Router Login

Step 1. Open a web browser, type in your router address, and press Enter.

Login Router Address

Step 2. Input the login details on your router and click Login.

Router Login

Step 3. When you log in, click Port Forwarding/Port Triggering, and click Add Custom Service.

Add Custom Service

Step 4. Enter a name for the new service, select "TCP/UDP" or "Both" under Service Type, type in your current RDP port number, and enter the IP address.

Set Up Port Mapping

Step 5. Click Apply to take effect and restart the router if necessary.

Bonus tip: An easier way to perform remote access via the Internet

As it requires a complicated process to function RDP over the Internet, you may look for an easier way to access your computer. In this case, we recommend you use another professional yet powerful remote desktop software, AnyViewer, to start a remote connection in all network conditions without extra settings.

★Besides, AnyViewer has the following advantages over RDP:
AnyViewer supports Windows Home/Standard editions, while RDP server side does not.
AnyViewer allows high-speed file transfer, while RDP file transfer is slow.
AnyViewer enables multi-sessions, while RDP requires CALs.
AnyViewer offers several considerate features like chat, while RDP has limited features.

Download AnyViewer on your devices:

Download Freeware Win 11/10/8.1/8/7
Secure Download

Now you can access your computer with the simple steps below!

Step 1. Launch AnyViewer on the host computer, and click Sign up for account registration.

Log in Anyviewer

Step 2. Complete the information and click Sign up.

Sign Up for Anyviewer

Step 3. On client computer, launch AnyViewer, log in with the same account, and then your device will automatically assign to the account.

Free Editions

Step 4. Go to Device section, click the host device, and select One-click control to perform a remote session with that device.

Connect to My Devices

Now you can take control of the host computer.

Remote Access Operations

Tips:✎...You are able to upgrade to Professional or Enterprise plan to enjoy more rights!


This post introduces what port 3389 is used for and how to open it for RDP connection. I hope this tutorial is useful for you, and now you can conveniently control your remote device. If your devices are in different network conditions, AnyViewer could always be your best choice!