"Which firewall ports need to be allowed for communication between the RDS Session Host server and the RDS Licensing Server?

Abdul Raafay 20 Reputation points
2025-11-04T14:09:17.5933333+00:00

I am configuring an RDS deployment with two servers, Server A and Server B.

  • Server A is both the RDS Licensing Manager and an RDS Session Host.

Server B is an additional RDS Session Host on the same network.

On a separate network, I have Server C, which is also an RDS Session Host. I want Server C to use Server A as its RDS Licensing Server, but there is a firewall between them.

What ports do I need to allow through the firewall so that Server C can communicate successfully with Server A for RDS licensing?

Windows for business | Windows Server | User experience | Remote desktop clients
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Quinnie Quoc 6,150 Reputation points Independent Advisor
    2025-11-04T14:39:28.9533333+00:00

    Hello,

    Thank you for your question. To allow Server C to communicate with Server A (the RDS Licensing Server) across a firewall, you’ll need to ensure the following ports are open:

    • TCP 135 – Used by Remote Procedure Call (RPC) endpoint mapping
    • TCP 139 and 445 – Required for SMB and named pipe communication
    • Dynamic RPC Ports (TCP 49152–65535) – Used by the RDS Licensing service for RPC communication

    I recommend configuring the firewall to allow these ports from Server C to Server A. For tighter control, you can restrict the dynamic RPC port range on Server A by modifying the registry or using Group Policy, then allow only that narrowed range through the firewall.

    If this resolves your issue, feel free to mark this answer as accepted so others can benefit too.

    Thank you so much!!!

    Best regards,

    Quinnie Quoc.

  2. Quinnie Quoc 6,150 Reputation points Independent Advisor
    2025-11-05T02:19:38.0866667+00:00

    Hi Abdul Raafay,

    Has your issue been resolved? If it has, feel free to mark ACCEPT ANSWER so others can find it helpful too. If you're still stuck or need anything else, I'm here to help. Just let me know!

    Have a good day!!

    QQ

    0 comments
  3. Abdul Raafay 20 Reputation points
    2025-11-05T05:34:45.78+00:00

    Thank you for your response, Quinnie!

    Unfortunately, it is still not working. I have allowed Server C’s IP (source port: any) to Server A’s IP (destination ports: 135, 139, 445, and 49125–65535), but I’m still unable to successfully connect to the License Server. I temporarily allowed any source port to any destination port, and it worked.

    This makes me think we may still be missing some required ports, that’s the only logical conclusion I can reach at this point.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.