Configuring an RDP firewall rule on a MI424WR-GEN2 Router

To configure a Remote Desktop Protocol (RDP) firewall rule on an Actiontec MI424WR-GEN2 router, such as one provided by Verizon, take the following steps after logging into the router:
  1. Click on Firewall Settings

    Firewall Settings option

  2. You will see a warning that "Any changes made in this section may affect your router's performance and configuration" and be asked whether you wish to proceed; click on "Yes".
  3. On the left-hand side of the window, you will see a menu that includes Port Forwarding; click on Port Forwarding.

    Menu - Port Forwarding

  4. Beneath "Create new port forwarding rule" is a dropdown list which will allow you to select the IP address of the destination RDP host. Select the appropriate system from that dropdown list.

    Port Forwarding - Add

  5. Then from the "Application to forward" dropdown list select "RDP", if you are using the default port for RDP. You will see "TCP Any -> 3389" appear to the right of that dropdown list. Transmission Control Protocol (TCP) port 3389 is the default RDP port.

    RDP selected

  6. Then click on the Add button. You should then see the new rule appear at the bottom of the Applied rules list.

    New RDP rule

    If you ever wish to delete the rule, come to this same page and check the check box at the right-hand side of this rule, which is in the column with the "Delete" header, and then click on the Delete button at the bottom of the page.

The above procedure is the one to use if you wish to use the default port, 3389, for the RDP connection. If you instead want to use a port other than the default one, e.g., because you need RDP connections to multiple IP addresses behind the firewall but have only one public IP address for the outside interface of the firewall, you can choose a unique port to forward to each IP address, e.g., 33089 for one, 33090 for another, etc. You might also want to choose a nonstandard port to reduce the number of break-in attempts on the port from systems on the Internet.

If you wish to forward a non-standard port, rather than the default port of 3389, for the Internet-facing side of the connection, then at step 5, where you select the application to forward, choose "Custom Ports" rather than RDP.

Port Forwarding - Custom

Click on the Advanced button rather than the Add button to choose a non-standard port. Then click on the dropdown list next to "Destination Ports" and select Specify. Then, below the Ports field, type the port number you wish to use for the Internet-facing side of the firewall, e.g., 33090. Then, under "Forward to Port", from the dropdown list select Specify rather than Same as Incoming Port. Type 3389 for the port to use for the "forward to port".

Port Forwarding
Advanced Settings

Then click on the Add button. You will then have a custom port rule added. E.g., in the example below, a connection attempt using an RDP client connection to port 33090 will be forwarded by the firewall to IP address on the standard RDP port on that system, which is port 3389.

RDP Custom Port

By that mechanism, you don't have to change the port the destination system is listening on for RDP connections; you merely specify the port to be used for the RDP connection on the client side, i.e., the system from which you are establishing the RDP connection, which you may be able to do using something like, rather than just specifying the fully qualified domain name (FQDN) or IP address. I.e., you put a colon and the custom port you selected after the IP address or FQDN. If you are using the mstsc utility provided by Microsoft on Microsoft Windows systems to establish the RDP connection, if the destination system was reachable using, I could use a command like the one below at a command prompt to establish the connection:

mstsc /v
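The following Python code is an added example, not part of the original page. It checks a planned set of port forwarding rules of the kind described above before they are entered in the router: it rejects an Internet-facing port assigned to more than one rule, flags a rule that exposes the default port 3389, and builds the address-colon-port string the RDP client would use for each host. The host name rdp.example.com, the LAN addresses, and the names audit_forwards and PLAN are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

RDP_PORT = 3389  # default RDP port, as stated in step 5

def audit_forwards(rules, public_host):
    """rules: list of (external_port, internal_ip, forward_to_port).
    Returns (findings, endpoints); endpoints maps internal_ip -> 'host:port'."""
    findings, endpoints = [], {}
    ext_counts = Counter(ext for ext, _, _ in rules)
    for ext, ip, inner in rules:
        label = f"{ext} -> {ip}:{inner}"
        if not (1 <= ext <= 65535 and 1 <= inner <= 65535):
            findings.append(f"ERROR {label}: port outside 1-65535")
            continue
        try:
            on_lan = ipaddress.ip_address(ip).is_private
        except ValueError:
            on_lan = False
        if not on_lan:
            findings.append(f"ERROR {label}: target is not a private LAN address")
            continue
        if ext_counts[ext] > 1:
            # One Internet-facing port can be forwarded to only one host.
            findings.append(f"ERROR {label}: external port used by several rules")
            continue
        if inner != RDP_PORT:
            findings.append(f"WARN {label}: host must listen on {inner}, not {RDP_PORT}")
        if ext == RDP_PORT:
            findings.append(f"WARN {label}: default RDP port is Internet-facing")
        endpoints[ip] = f"{public_host}:{ext}"  # address, colon, custom port
    return findings, endpoints

# Constructed sample plan (assumed addresses, not taken from the page).
PLAN = [
    (3389, "192.168.1.10", 3389),   # the default rule from step 5
    (33089, "192.168.1.11", 3389),  # custom port for a second host
    (33090, "192.168.1.12", 3389),
    (33090, "192.168.1.13", 3389),  # mistake: 33090 is already taken
]

if __name__ == "__main__":
    findings, endpoints = audit_forwards(PLAN, "rdp.example.com")
    for line in findings:
        print(line)
    for ip, target in endpoints.items():
        print(f"{ip}: connect to {target}")
```
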

