Utilities

How to Set Up Remote Desktop: Complete Guide

By Alex Carter 5 min read

Setting up remote desktop access lets you connect to your work PC from home, assist a colleague with a technical issue, or manage servers without being physically present. This guide walks you through configuring Windows Remote Desktop Protocol (RDP), securing the connection, and choosing third-party alternatives when RDP isn’t the right fit.

This step-by-step walkthrough covers everything you need to get a secure, reliable remote desktop connection running — from enabling RDP to locking it down properly. We’ve set up remote desktop on dozens of machines, and these are the exact steps we follow every time.

What Is Remote Desktop Protocol (RDP)?

Remote Desktop Protocol is a Microsoft-developed protocol built into Windows Pro, Enterprise, and Server editions. It transmits the graphical interface of a remote computer to your local device and sends your keyboard and mouse input back. RDP runs on TCP/UDP port 3389 by default.

Important: Windows Home edition doesn’t include the RDP host component. If your target machine runs Windows Home, you’ll need a third-party solution — see the alternatives section below or our roundup of the best remote desktop software.

Step 1: Enable Remote Desktop on the Host PC

The host PC is the computer you want to connect to remotely. Follow these steps on that machine:

  1. Open Settings > System > Remote Desktop.
  2. Toggle Enable Remote Desktop to On.
  3. Confirm the prompt. Note the PC name displayed — you’ll need it to connect.
  4. Under Remote Desktop users, click Select users that can remotely access this PC and add any non-administrator accounts that need access.

Alternatively, open System Properties (run sysdm.cpl), go to the Remote tab, and select Allow remote connections to this computer. Enable Network Level Authentication (NLA) for an additional layer of security — this ensures users authenticate before a session is established.

Step 2: Configure Windows Firewall

Enabling Remote Desktop automatically creates firewall rules, but you should verify they’re active and properly scoped:

  1. Open Windows Defender Firewall with Advanced Security (run wf.msc).
  2. Navigate to Inbound Rules.
  3. Locate the rules named Remote Desktop – User Mode (TCP-In) and Remote Desktop – User Mode (UDP-In).
  4. Verify both rules are enabled. If you changed the default port (see below), update the rules to reflect the new port number.
  5. Restrict the Scope tab to specific remote IP addresses or subnets when possible, rather than allowing connections from any address.

Port 3389 is a well-known target for brute-force attacks. Changing it to a non-standard port doesn’t replace real security, but it reduces automated scanning noise significantly.

  1. Open Registry Editor (regedit).
  2. Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. Find the PortNumber DWORD value. Double-click it, select Decimal, and enter your desired port (e.g., 43389).
  4. Restart the Remote Desktop service or reboot the machine.
  5. Update your firewall rules to allow the new port and block the old 3389.

When connecting from the client, append the custom port to the address: 192.168.1.100:43389 or mypc.example.com:43389.

Step 4: Connect from the Client

On the computer you’re connecting from:

  1. Open Remote Desktop Connection (run mstsc).
  2. Enter the host PC’s IP address or hostname (with custom port if changed).
  3. Click Show Options to configure display resolution, local resource redirection (printers, clipboard, drives), and experience settings.
  4. Click Connect and enter your Windows credentials when prompted.

For connections outside your local network, you’ll need either port forwarding on your router (less secure) or a VPN connection (recommended).

Step 5: Secure Remote Access with a VPN

Exposing RDP directly to the internet — even on a non-standard port — is a significant security risk. A VPN creates an encrypted tunnel between your client and the network where the host PC lives, keeping RDP traffic off the public internet entirely.

  • WireGuard: Modern, fast, and easy to configure. Ideal for individuals and small teams. Many routers now support WireGuard natively.
  • OpenVPN: Battle-tested and widely supported. More configuration overhead than WireGuard but runs on virtually any platform.
  • Tailscale / ZeroTier: Mesh VPN services that create a virtual network between your devices with minimal setup. Excellent for connecting personal devices without managing a VPN server.
  • Corporate VPN (Cisco AnyConnect, GlobalProtect, etc.): If your organization already provides VPN access, use it — no additional setup required on your end.

With a VPN active, connect to the host PC using its local/private IP address. No port forwarding needed, and RDP never touches the public internet. If you’re also looking into other essential PC utilities, we’ve got a separate guide for that.

Security Best Practices

Beyond changing the port and using a VPN, follow these additional hardening steps:

  • Enforce strong passwords and enable account lockout policies after failed login attempts. Our password generator tool can help you create strong, random passwords quickly.
  • Enable Network Level Authentication (NLA) to require authentication before session establishment.
  • Limit RDP users to only the accounts that need remote access. Remove the default Administrators group if specific user accounts are configured.
  • Keep Windows updated — RDP vulnerabilities (like BlueKeep) have historically been critical. Patching is essential.
  • Use RDP Gateway in enterprise environments to proxy connections through an HTTPS-secured gateway server.
  • Enable audit logging to track successful and failed login attempts via Event Viewer (Security log, Event IDs 4624 and 4625).

Third-Party Alternatives to RDP

Windows RDP is powerful but limited to Windows Pro/Enterprise hosts and requires network configuration. Third-party tools simplify the process with NAT traversal (no port forwarding), cross-platform support, and additional features like session recording and multi-monitor management.

Our detailed comparison of the best remote desktop software in 2026 covers AnyDesk, TeamViewer, RustDesk, Chrome Remote Desktop, and Parsec — with recommendations based on speed, features, and budget.

For teams building out a full remote work infrastructure beyond just remote desktop, see our guide to the best tools for remote teams covering communication, project management, and collaboration platforms.

Troubleshooting Common Issues

Can’t Connect to Remote PC

  • Verify Remote Desktop is enabled on the host.
  • Check that the host PC is powered on and not in sleep mode.
  • Confirm firewall rules allow the correct port.
  • If connecting over the internet, verify port forwarding or VPN connectivity.

Black Screen After Connecting

  • Update graphics drivers on the host PC.
  • Try connecting at a lower resolution or color depth.
  • Disable UDP transport in the RDP client advanced settings.

Slow or Laggy Connection

  • Reduce display resolution and color depth in connection settings.
  • Disable visual effects (wallpaper, font smoothing, animations) under Experience options.
  • Ensure you’re not bandwidth-constrained — RDP works best on connections above 10 Mbps.

If you need to transfer files during your remote sessions, check out our roundup of the best file sharing tools for options that pair well with remote desktop setups.

Written by Alex Carter

Software reviewer and tech journalist with 10+ years of experience testing productivity tools, project management platforms, and business software.

You Might Also Like