win Server 2012 R2& win Server2008 R2&win8&win8.1操作系统,修改远程桌面服务默认端口彻底突破防火墙
实战win Server 2012 R2& win Server2008 R2&win8&win8.1操作系统,修改远程桌面服
务默认端口3389方
法实战:彻底突破防火墙限制!
大家应该知道远程桌面连接默认使用的端口是3389,一旦公司在服务器或路由器上将3389端口进行了封锁,我们就没有一点办法了。其实远程桌面的使用端口是可以进行修改的,我们可以修改为公司没有禁止的端口,如21或80等。这样就可以再次轻松管理远程计算机了。将3389端口修改为80端口的方法如下:
第一步:在远程计算机(即被访问的计算机)上通过任务栏的“开始->运行->输入regedit”,打开注册表编辑器。
第二步:在注册表中找到Hkey_local_machine\system\currentcontrolset\control\termi nal server\wds\repwd\tds\tcp,将其下的portnumber值从3389修改为20140,注意10进制和16进制数字的区别。
第三步:还需要在注册表中找到hkey_local_machine\system\currentcontrolset\ control\terminal server\WINSTATIONS\RDP-TCP,将其下的portnumber值从3389修改为2 0140,同样注意10进制和16进制数字的区别。
完成以上三步,大多数认为都已经放开了远程桌面服务端口。经过实践,打开防火墙后,发现防不能正常连接,经测试,发现20140端口并为开放。
打开防火墙,进行防火墙规则里远程桌面服务默认3389改为20140端口。
第四步:[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Paramete rs\FirewallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fi rewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-2 8752|"
"{88F8BABF-1348-4622-8073-7A50577E3C54}"="v2.22|Action=Allow|Active=FALSE|Dir=I n|Protocol=17|Profile=Domain|Profile=Private|LPort=20140|App=%SystemRoot%\\syst em32\\svchost.exe|Svc=termservice|Name=@FirewallAPI.dll,-28776|Desc=@FirewallAP I.dll,-28777|EmbedCtxt=@FirewallAPI.dll,-28752|"
第五步、
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults \FirewallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fir ewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|"
"RemoteDesktop-UserMode-In-UDP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =17|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fi rewallAPI.dll,-28776|Desc=@FirewallAPI.dll,-28777|EmbedCtxt=@FirewallAPI.dll,-28752|"
第六步、
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Defaults\Fire wallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fir ewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|"
"RemoteDesktop-UserMode-In-UDP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =17|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fi rewallAPI.dll,-28776|Desc=@FirewallAPI.dll,-28777|EmbedCtxt=@FirewallAPI.dll,-28752|"
第七步、
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\ FirewallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fir ewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|"
"{88F8BABF-1348-4622-8073-7A50577E3C54}"="v2.22|Action=Allow|Active=FALSE|Dir=I n|Protocol=17|Profile=Domain|Profile=Private|LPort=20140|App=%SystemRoot%\\system3 2\\svchost.exe|Svc=termservice|Name=@FirewallAPI.dll,-28776|Desc=@FirewallAPI.dll,-287 77|EmbedCtxt=@FirewallAPI.dll,-28752|"
第八步、
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Paramet ers\FirewallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fir ewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|"
"{88F8BABF-1348-4622-8073-7A50577E3C54}"="v2.22|Action=Allow|Active=FALSE|Dir=I n|Protocol=17|Profile=Domain|Profile=Private|LPort=20140|App=%SystemRoot%\\system3 2\\svchost.exe|Svc=termservice|Name=@FirewallAPI.dll,-28776|Desc=@FirewallAPI.dll,-287 77|EmbedCtxt=@FirewallAPI.dll,-28752|"
第九步
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Defaults\Fire wallPolicy\FirewallRules]
"RemoteDesktop-UserMode-In-TCP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =6|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fir ewallAPI.dll,-28775|Desc=@FirewallAPI.dll,-28756|EmbedCtxt=@FirewallAPI.dll,-28752|"
"RemoteDesktop-UserMode-In-UDP"="v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol =17|LPort=20140|App=%SystemRoot%\\system32\\svchost.exe|Svc=termservice|Name=@Fi rewallAPI.dll,-28776|Desc=@FirewallAPI.dll,-28777|EmbedCtxt=@FirewallAPI.dll,-28752|"
经过以上修改防火墙默认rules规则里3389改为20140端口。开启防火墙后,在防火墙——>高级防火墙->入站规则里远程桌面-》启用后,端口已修改为20140.通过开启防火墙后能正常连接。
MSTSC远程桌面客户端里输入:IP:20140,测试能正常连接。
经过实践,通过上述方法修改防火墙里默认防火墙rule规则端口,彻底突破防火墙限制。上述方法适用实战win Server 2012 R2& win Server2008 R2&win8&win8.1操作系统,修
改远程桌面服务默认端口3389方
法实战:彻底突破防火墙限制!
山东菏泽市