RDP Port 3389 Not Working Solutions Remote Desktop Protocol (RDP) is one of the most widely used tools for remote administration in Windows environments. TCP port 3389 is the default for RDP communications. When this port stops working, administrators may lose remote access to servers or workstations, resulting in downtime, productivity loss, or emergency on-site interventions. Fortunately, most RDP-related issues can be diagnosed and resolved using systematic troubleshooting steps.
This article explains common reasons why RDP port 3389 may fail, along with complete solutions to restore connectivity.
Common Causes of RDP Port 3389 Not Working
Before diving into solutions, it’s helpful to understand what typically prevents RDP from working:
a. Firewall Blocking Port 3389
Both Windows Firewall and third-party firewalls can block incoming RDP traffic. If port 3389 is not allowed, remote connections will fail.
b. RDP Service Not Running
The “Remote Desktop Services” service must be active for the port to listen. If the service is disabled or stuck, the port won’t respond.
c. Network-Level Issues
Routers, NAT configurations, VPN tunnels, or ISP restrictions can block or misroute traffic on port 3389.
d. Incorrect RDP Port
Some administrators change the default port to improve security. If the port is changed but the client is still connecting to 3389, the connection will fail.
e. IP Address or DNS Misconfiguration
Incorrect IP assignments, DNS entries, or conflicts can make the server unreachable.
f. Windows Updates or System Changes
Updates may reset firewall settings or disable RDP unexpectedly.
g. Account or Group Policy Restrictions
User accounts may not have permission to use RDP, or Group Policy settings may restrict remote connections.
How to Check Whether Port 3389 Is Listening
Start by verifying if the port is actually open on the target machine.
Use Command Prompt:
netstat -ano | findstr :3389
If you see a line showing LISTENING, then the port is active.
If nothing appears, the RDP service or firewall rules are likely the problem.
Check RDP Status Using PowerShell:
Get-Service -Name TermService
The service should show as Running.
Solution 1: Enable Remote Desktop
Sometimes RDP is simply disabled.
Windows 10/11 or Server:
- Open Settings
- Go to System > Remote Desktop
- Toggle Enable Remote Desktop
- Confirm the prompt
Or use PowerShell:
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
Solution 2: Allow Port 3389 in Windows Firewall
Using GUI
- Open Windows Defender Firewall
- Click Advanced settings
- Select Inbound Rules
- Find Remote Desktop – User Mode (TCP-In)
- Ensure it is Enabled and Allowed
RDP Port 3389 Not Working Solutions Using Command Line
netsh advfirewall name=RDP protocol=TCP dir=in localport=3389 action=allowIf the rule already exists, reset it:
Netsh advfirewall Firewall set rule remote desktop new enable=yesCheck Third-Party Firewalls
If using software like Bitdefender, Kaspersky, or a company firewall appliance, ensure port 3389 is permitted.
Solution 3: Restart RDP Service
If the Remote Desktop Services system process stops, RDP port 3389 will not accept connections.
Restart through Services:
- Press Win + R, type
services.msc - Locate Remote Desktop Services
- Right-click → Restart
Restart via Command Prompt:
net stop termservice
net start termservice
Solution 4: Check Group Policy Restrictions
Group policies may disable RDP port communication.
Open Local Group Policy Editor:
Run:
gpedit.msc
Navigate to:
Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections
Ensure the following are set correctly:
- Allow users to connect remotely by using Remote Desktop Services → Enabled
- Limit number of connections → Not Configured or appropriately set
After modifying policies, update them:
gpupdate /force
Solution 5: Verify Port 3389 Registry Settings
If the RDP port was changed accidentally or by malware, the client may still be trying to connect to 3389.
To check the port number:
- Press Win + R, type
regedit - Navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
- Open the value PortNumber
- Ensure it is set to 00000D3D (hexadecimal for 3389)
If changed, set it back to 3389 and reboot.
Solution 6: Network and Router Configuration
If you’re connecting remotely via the internet:
- Ensure your router forwards TCP port 3389 to the correct internal IP.
- Verify the server has a static LAN IP to prevent IP changes.
Port Forwarding Example:
External Port: 3389
Internal Port: 3389
Protocol: TCP
IP Address: <Server LAN IP>
Check ISP Restrictions
Some ISPs block inbound ports for residential plans, including 3389.
If so, consider:
- Switching to a business plan
- Using a VPN
- Using an SSH tunnel
- Changing the RDP port (but also updating firewall rules)
Solution 7: Verify IP Address and DNS
If the machine’s IP changed or DNS is outdated, you may not reach it even if the port works.
Verify IP address:
ipconfig
If using a domain or custom hostname:
- Flush DNS cache using:
ipconfig /flushdns
- Update DNS records if needed
Solution 8: Windows Update or Patch Rollback
Occasionally, Windows updates modify firewall profiles or break RDP components.
If RDP stopped working after an update:
- Check update history
- Uninstall the problematic update
- Restart the server
Use:
wusa /uninstall /kb:XXXXXXX
Replace the KB number with the specific update ID.
Solution 9: Check Remote User Permissions
Users need proper authorization to log in.
Add users to Remote Desktop Users group:
- Run lusrmgr.msc
- Go to Groups
- Open Remote Desktop Users
- Add the appropriate users
Also ensure user accounts are not disabled or expired.
Solution 10: Test External Connectivity
From another machine, use:
Telnet:
telnet <server_ip> 3389
If it cannot connect, the port is blocked externally.
PowerShell Port Test:
Test-NetConnection -ComputerName <server_ip> -Port 3389
Conclusion
When RDP port 3389 is not working, the issue is usually caused by firewall settings, disabled RDP services, port misconfiguration, or network-related problems. By following the troubleshooting steps in this article—checking the RDP service, firewall rules, Group Policy, registry settings, network routing, and user permissions—you can systematically identify and resolve the problem.
For administrators, regularly testing the port, enabling monitoring, and documenting network changes can prevent RDP outages in the future. With the right configuration and proactive maintenance, RDP will remain a reliable and secure method for remote management across your Windows environment.