none
Port 3389 not listening RRS feed

  • Question

  • Windows Server 2003R2. Terminal Services is installed and started. Remote Desktop is Enabled. In the Terminal Services Manager session window, RDP-TCP is shown as being in a listening state. But when I run netstat -a, port 3389 does not show up. RD client cannot connect. Telnet or ssh to that port does not connect.

    TCP is working fine: I can use logmein to view the server; I can VPN to the server, I can look at SMB shares once the VPN is up. No TCP filtering is active. The Windows Firewall is not active.

    How can I get port 3389 going and be able to RDP in?

     

    The registry is still showing port 3389 as the listening port.

    I have removed and re-created the RDP-tcp port without any trouble and without success. The properties are set on defaults.

    Remote Desktop devices in the device manager show as operating fine.

    It used to work fine and just recently (sometime in January) it stopped working. As far as I know, no new software was installed at that time.

    I have reviewed a bunch of stuff found in Google but none of it seems to help, so far.

     

    Friday, February 11, 2011 1:06 AM

All replies

  • Did you perhaps change the port that RDP listens on?
    You can double check this in the registry. See here: http://support.microsoft.com/kb/187623

     


    Kind regards,
    Freek Berson
    http://www.microsoftplatform.blogspot.com
    Friday, February 11, 2011 7:54 AM
    Moderator
  • No, it still says 3389 in the registry.
    Wednesday, February 23, 2011 11:10 PM
  • Any luck onb your issue? I have checked all the things that you have checked and I am in the same situation. No RDP to that server.
    Monday, May 2, 2011 8:22 PM
  • Hi

    Try to unmark the "Enable Remote Desktop on this computer" checkbox to disable the Remote Desktop on the computer.
    Restart the server
    Mark the "Enable Remote Desktop on this computer" checkbox to enable Remote Desktop on the computer again.

    This actions solved this problem for me once.

    ¬Daniel

    • Proposed as answer by Caio Queiroz Monday, April 20, 2015 2:38 AM
    Tuesday, May 15, 2012 4:24 PM
  • We opened a case with Microsoft on this issue and we determined that it was related to the following driver being disabled:

    remote desktop services security filter driver

    To check whether this enabled or disabled, open device manager and show hidden devices. We were not able to enable it, so we uninstalled it and rebooted. After rebooting we were able to telnet to the server on port 3389, but we were still not able to connect with remote desktop.

    As a last step, we set remote desktop security layer to “negotiate”. To do this, open the "remote desktop session host configuration" application in administrative tools and edit the properties of “rdp-tcp”. The setting can be found on the general tab.

    Hope this helps someone!

    • Proposed as answer by kane101 Friday, April 10, 2015 11:00 AM
    Tuesday, May 22, 2012 5:44 PM
  • Perfect answer!  Had the same problem.  You helped me fix it.  Thank you!

    Thursday, October 11, 2012 3:25 AM
  • I had this same issue, and I tried uninstalling the driver that 'itdoug' was speaking of. It didn't resolve the issue and the driver was reinstalled after reboot, so no harm. I had actually found that in my situation, 

    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp was missing entirely. I exported the key from a working 2008 R2 installation and port 3389 immediately opened and accepted RD connections. I'm guessing that registry key is responsible for binding Remote Desktop to TCPIP. 


    • Proposed as answer by moirf Wednesday, July 8, 2015 11:59 AM
    Tuesday, July 2, 2013 7:23 PM
  • That was a bizarre one.  I had one server who could not be accessed.  uninstalled that driver and RD worked.

    Thanks!

    Tuesday, June 17, 2014 12:04 AM
  • I had the same issue, but with a bizzar solution. I tried every thing possible, but was unable to fix the issue. then I decided to restart every service whether related or not to RDP and test the connection.

    after restarting the print spooler service I could connect. don't ask me how this is related, it is beyoned my comprehension. I'm posting maybe I can save some one the Hair Pulling symptom. :)


    also a nmap scan shows that port 3389 is listening, all after the print spooler service restart.
    • Proposed as answer by Fayez Eltaha Monday, December 1, 2014 7:16 AM
    • Edited by Fayez Eltaha Monday, December 1, 2014 7:23 AM
    Monday, December 1, 2014 7:16 AM
  • In my case it was caused by one of installed KB recently. 

    I have installed following KB's 

    1. KB2984972

    2. KB2574819

    3. KB2592687

    4. KB2984976

    You have to keep proper order when installing these KB's.

    After restart everything work correctly.

    Maybe this will help someone.

    Wednesday, February 18, 2015 10:33 AM
  • Sorry for late answer, but maybe will useful for someone: I faced with the same problem on 2003 Server R2: I was unable to connect via RDP 3389, 'netstat -nap tcp | find "LISTEN"' didn't show port 3389.

    After a series of unsuccessful attempts, I *started* Windows Firewall service, which was previously stopped by me, and 3389 was opened again.

    • Proposed as answer by Zeusez Tuesday, October 6, 2015 2:56 PM
    Tuesday, March 31, 2015 9:49 AM
  • Works for me.. thank you

    Monday, April 20, 2015 2:38 AM
  • Thank you! It worked!
    Wednesday, May 13, 2015 5:26 PM
  • I had this same issue, and I tried uninstalling the driver that 'itdoug' was speaking of. It didn't resolve the issue and the driver was reinstalled after reboot, so no harm. I had actually found that in my situation, 

    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp was missing entirely. I exported the key from a working 2008 R2 installation and port 3389 immediately opened and accepted RD connections. I'm guessing that registry key is responsible for binding Remote Desktop to TCPIP. 


    Worked for me, take the registry settings from working machine and applied to one facing issues.

    Note: Please don't forget to take backup of your old registry before applying the fix.



    Md Irfan

    Wednesday, July 8, 2015 11:58 AM
  • This was the key, if you're having this issue within Citrix, and you're unable to see ports ICA/RDP open, make sure your Firewall is on. If turned off, the services will stop and the ports will be closed.

    If these ports are not listening then users will not be able to establish the ICA connection which streams their applications.
    Tuesday, October 6, 2015 2:56 PM
  • Your post pointed me in the right direction. My key was present, but there were some keys that had been changed for whatever reason and there was some addition entry. I exported this key off of a working machine and imported to the non working machine and it took off to working. Thanks
    Monday, November 16, 2015 4:36 PM
  • Bazaar! I've have successfully been able to connect to my server via Remote Desktop for years. Then suddenly last week I was no longer able to. Remote Desktop was enabled.  Windows Inbound Firewall Rules were configured correctly. However nothing I tried worked.

    I checked the Registry and the following key was indeed there, HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

    I finally exported the Reg Key above from another server that I could successfully Remote to and imported it to the one that stopped allowing connection and BINGO!  That worked!  Very strange.

    Thursday, March 10, 2016 7:07 PM
  • Hold the phone!

    I just setup another server (this one with Server 2012) and am not able to Remote Desktop to it.  It's sitting right next to my desk.  I've checked all the same thing, Remote Desktop is enabled, the FireWall shows it enabled however, when I do a telnet to 3389 is shows it is not listening.  When I do a netstat it is not listed.

    What next??

    Tuesday, March 15, 2016 5:16 PM
  • Is there any answer here?  How can I get Port 3389 to be listening?  Firewall says it is, but it's not.  How can I turn it on?  The issue here is that Remote Desktop cannot connect to the server.  It never brings up the login screen to enter credentials.  It just says it's not listening.  I can connect via Remote Desktop to other machines.  I can ping the server in question and I can Remote Desktop from the server in question to other machines.

    How do I get port 3389 to turn on and listen?

    Wednesday, March 16, 2016 3:17 PM
  • http://www.florisvanderploeg.com/rdp-not-working-after-xenapp-6-uninstall

    this was after a xenapp uninstall , I uninstalled the "REMOTE DESKTOP SERVICES SECURITY FILTER DRIVER" and rebooted. It was not automatically installed. I removed and imported the registry key from another server, no help. disabled, rebooted re-enabled remote desktop no help.

    then I found the article above. fixed the one registry key. removed and re INSTALLED  the RDP-Tcp connection in remote desktop session host configuration. and my issue was resolved. took me some time to get it all sorted out. thought I would add this here as a possible solution.

    Wednesday, November 30, 2016 10:25 PM
  • Trying to support an old server for a company and this just saved the day. Thank you for posting so long ago!!!

    Still does not make sense.

    Tuesday, December 27, 2016 9:41 PM
  • Absolutely fantastic article http://www.florisvanderploeg.com/rdp-not-working-after-xenapp-6-uninstall/

    This was my exact problem. I cloned a Citrix 6.5 2008 R2 VM, uninstalled Xenapp 6.5 and couldn't RDP to the server. After trying everything, netstat -a -o showed port 3389 not listening, I then followed the above article and BANG, I can now RDP to the server. Thanks for sharing Katacombz.

    Thursday, February 9, 2017 3:38 AM
  • Hi there, re: this link http://www.florisvanderploeg.com/rdp-not-working-after-xenapp-6-uninstall/ I got this working on 1 2008r2 server after I uninstalled XA 6.5 and it broke RDP but now when I try this on another 2 2008r2 servers that also had XA 6.5 on them the reg key value is changed back after restarting Remote Desktop services, Any ideas anyone?

    So the location of the reg key is  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\LoadableProtocol_Object (REG_SZ)

    The value of this reg key-  see below is 

    RPM.CtxRdpProtocolManager and it needs changing to {18b726bb-6fe6-4fb9-9276-ed57ce7c7cb2}.

    when I restart Remote Desktop services I get "Remote Desktop Service registry key has changed. Restoring the registry value" It then reverts the value back to RPM.CtxRdpProtocolManager

    The only difference between the working server and non working server is I have installed Citrix UPM 5.4 on the non working server. I want all the servers to be part of a Citrix XA 7.9 environment because they run legacy apps thats don't work on 2012. Any help on this would be much appreciated. Thanks.



    • Edited by bmac000 Thursday, March 16, 2017 4:25 AM
    Thursday, March 16, 2017 4:19 AM
  • Hi there, re: this link http://www.florisvanderploeg.com/rdp-not-working-after-xenapp-6-uninstall/ I got this working on 1 2008r2 server after I uninstalled XA 6.5 and it broke RDP but now when I try this on another 2 2008r2 servers that also had XA 6.5 on them the reg key value is changed back after restarting Remote Desktop services, Any ideas anyone?

    So the location of the reg key is  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\LoadableProtocol_Object (REG_SZ)

    The value of this reg key-  see below is 

    RPM.CtxRdpProtocolManager and it needs changing to {18b726bb-6fe6-4fb9-9276-ed57ce7c7cb2}.

    when I restart Remote Desktop services I get "Remote Desktop Service registry key has changed. Restoring the registry value" It then reverts the value back to RPM.CtxRdpProtocolManager

    The only difference between the working server and non working server is I have installed Citrix UPM 5.4 on the non working server. I want all the servers to be part of a Citrix XA 7.9 environment because they run legacy apps thats don't work on 2012. Any help on this would be much appreciated. Thanks.



    Ignore this, damn Windows firewall was blocking the RDP, its all sorted now
    Thursday, March 16, 2017 5:18 AM
  • Hi

    How did you reinstall the driver. after I reboot server it did not install again and is now missing from device manager non plug and play devices.

    Friday, April 14, 2017 9:26 AM
  • Hi,

    I solved my issue. Problem for RDP not working was due to the remote desktop session host configuration that was referring to a non existent Network adapter. This was caused when server was virtualized and drive was cloned. hence the reason of incorrect reference to network adaptor and RDP Port 3389 not showing in net stat output.

    solution:

    remote desktop session host configuration applet

    Change following registry key value to 0 (Remember to take care and always make a backup of registry before making changes)

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\LanAdapter

    When done restart all RDP services.

    open remote desktop session host configuration applet and confirm settings or test RDP

    All should be fine

    Friday, April 14, 2017 11:06 AM
  • Hello,

    We had this problem with Windows Server 2012 R2.  The RDP port was not showing as listening when we issued the "netstat -ano" command.

    Our solution was that we found out that our security team had performed a lockdown of this server and had set the "Remote Desktop Services Usermode Port Redirector" service to "Disabled".

    We set the "Remote Desktop Services Usermode Port Redirector" service back to to "Manual" and rebooted the server.  The port started listening!

    Alternately you could set the "Remote Desktop Services Usermode Port Redirector" service to "Manual" and then restart the "Remote Desktop Service".

    • Proposed as answer by stakenjacy Tuesday, October 2, 2018 8:14 PM
    Thursday, June 15, 2017 1:55 PM
  • this seems the only solutions that worked for me. 

    Thanks,

    Monday, July 17, 2017 8:43 PM
  • I tried everything in this thread and more and still couldn't get my 2016 server to listen on port 3389 (or any other for RDP after i tried changing it). My solution in the end was to sysprep the server - after that it worked. I'm still baffled as to why it happened but I've got a workaround!
    Thursday, October 4, 2018 10:34 AM
  • I have tried the almost all the steps mentioned  here even before I came upon this thread. I was thinking that McAfee Endpoint Security has somewhat blocked or disabled the port 3389. But I can't find any related policy for blocking  the port or RDP.

    The only thing I have not tried is to disable and then re-enable the driver of the Remote Desktop Device Redirector Bus (this is for Windows Server 2016) on the Device Manager.

    After enabling it again then another reboot of the server, I restarted all the Remote Desktop services. I ran netstat -ona and found out that 3398 is then listening.

    Finally, the remote desktop connection is working on the remote client.

     By the way, I have not added yet the Terminal Server role on the remote server but that's another job for later. I am just glad that I was able to finally make the RDC works.

    Thanks for sharing ITDoug!

    Tuesday, October 30, 2018 7:30 PM