Q: Can I change the port that Remote Desktop Gateway uses?
A: By default, the Remote Desktop (RD) Gateway component that encapsulates RDP in HTTPS packets listens on port 443 (for TCP) and port 3391 (for UDP). You can use the RD Gateway Manager utility to change this as follows:
- Right-click the RD Gateway server name in the navigation pane and select Properties.
- Select the Transport Settings tab.
- Modify the HTTP and/or UDP port number. If you change them, set both to the same custom port value, because the client has no way to specify different custom ports for UDP versus TCP.
- Click OK.
Note that two firewall exceptions are enabled by default; however, they use the default ports, so you'll need to add your own firewall exceptions for TCP and UDP for the custom port you selected.
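The firewall step described above, as an added PowerShell example that is not part of the original answer: it creates (or realigns) inbound TCP and UDP allow rules for the custom port, then checks that something is listening on it. The port 9999 and the rule display names are assumptions chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original answer. Run on the RD Gateway server.
param(
    [ValidateRange(1, 65535)]
    [int]$Port = 9999   # assumption: the custom port set on the Transport Settings tab
)

# Assumption: display names invented for this example, one rule per protocol.
$rules = @(
    @{ Name = 'RD Gateway custom port (TCP-In)'; Protocol = 'TCP' },
    @{ Name = 'RD Gateway custom port (UDP-In)'; Protocol = 'UDP' }
)

foreach ($rule in $rules) {
    if (Get-NetFirewallRule -DisplayName $rule.Name -ErrorAction SilentlyContinue) {
        # Rule exists from an earlier run: point it at the current port
        # instead of creating a duplicate.
        Set-NetFirewallRule -DisplayName $rule.Name -Protocol $rule.Protocol `
            -LocalPort $Port -Enabled True
    }
    else {
        New-NetFirewallRule -DisplayName $rule.Name -Direction Inbound -Action Allow `
            -Protocol $rule.Protocol -LocalPort $Port | Out-Null
    }
}

# An open rule with no listener means the Transport Settings change has not
# taken effect, so check both transports on the custom port.
$tcp = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
$udp = Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue

[pscustomobject]@{
    Port         = $Port
    TcpListening = [bool]$tcp
    UdpListening = [bool]$udp
}
```

If either value comes back False, recheck the Transport Settings tab before troubleshooting the client side.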
When you connect from a client, you need to add the custom port to the end of the gateway server name, preceded by a colon (:); for example, mygateway.domain.com:9999. Note that this only works with an RDP client that supports RDP 8.0 or later.
If you're using RemoteApp, you need to manually update the gateway in the RDP file with the correct port, because Server Manager doesn't let you specify a custom port for the gateway. You can modify the port used for the gateway by connecting to the Remote Desktop Session Host and navigating to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\<farm>\DeploymentSettings, then editing the DeploymentRDPSettings value to add the port to the gatewayhostname:s:mygateway.com:9999 part of the string. Note that you must set this before you publish any applications. A nicer way is to use PowerShell:
Set-RDSessionCollectionConfiguration -CollectionName "Your Collection" -CustomRdpProperty "gatewayhostname:s:<GATEWAY.FQDN>:<Port, e.g. 9999>" -ConnectionBroker <Your Connection Broker>