How to configure RDP TCP Port and UDP Port requirements

Windows Firewall is used to enhance the system security, allowing or blocking inbound and outbound network traffic. Due to security reasons, and as a best practice recommendation, the firewall configuration becomes even much more important when the servers are exposed to external accesses.

This article will explain how to create the RDP and UDP firewall rules for the Parallels®Remote Application Server (RAS) Secure Client Gateway.

Steps to configure external access

The following table lists the ports used by RAS Secure Client Gateway for external accesses:

Protocols Ports Description
TCP, UDP 80,443 Management and user session connections
TCP, UDP 3389 Used by RAS Secure Client Gateway in Normal mode and used for user session if RDP Load Balancing is enabled.
TCP, UDP 20009 Optional – If Client Manager is enabled

Windows Firewall allows, by default, all outgoing connections, hence, only ports for incoming connections should be opened as explained below.

  1. Logged in as an Administrator, navigate to Control Panel \ All Control Panel Items \ Windows Firewall and click on Advanced settings.

How to configure RDP TCP Port and UDP Port requirements

  1. Select Inbound Rules in the left panel, and then click on New Rule in the right panel.

How to configure RDP TCP Port and UDP Port requirements

  1. Select Port and click Next.

How to configure RDP TCP Port and UDP Port requirements

  1. Select TCP, enter “80,443,3389,20009” in the Specific local ports field and click Next.

How to configure RDP TCP Port and UDP Port requirements

  1. Select Allow the connection and click Next.

How to configure RDP TCP Port and UDP Port requirements

  1. Select all three options, Domain, Private, and Public, and click Next. If due to the setup conditions, the connection needs to be applied only to certain network profiles, choose the appropriate ones.

How to configure RDP TCP Port and UDP Port requirements

  1. Enter a Name and a Description (optional) and click Finish.

How to configure RDP TCP Port and UDP Port requirements

  1. Repeat all these steps for UDP connections, choosing UDP in the Protocols and Ports screen (step 4) and enter a different Name to identify the new rule (step 7).

Once you have configured the firewall for the Secure Client Gateway, it is recommended to also enable and configure it for the rest of the Parallels RAS components. The complete set of ports used by each component can be found in the following article Firewall requirements for Parallels RAS.

Supported operating systems

RAS Secure Client Gateway is supported on the following operating systems:

Related How-To

How Parallels RAS helps businesses to be PCI DSS Compliant

How to Enable Your Team to Access What They Need, Anywhere, Anytime

Windows Server 2008 R2 onwards Firewall Configuration for Parallels RAS

If you have any questions, please get in touch.