How to allow RDP Port 3389 with Microsoft Defender Firewall on Intune

In this post i will run through the steps that are required to allow RDP – TCP Port 3389 on intune.

This rule will apply to the windows firewall through intune.

  1. Navigate to portal.azure.com and go to Intune > Device Configuration > Profiles and click on “Create Profile”.
  2. Enter a Name for the profile and for the platform select “Windows 10 and later
  3. For the Profile type select Endpoint protection
  4. Click on Settings
  5. Click on “Microsoft Defender Firewall”
  6. Scroll down until you see “Firewall Rules” then click on “Add”

Here is how we want to configure our rule.

  • Name – Name the rule whatever you want
  • Description – Describe it however you wish
  • Direction – For this rule i have chosen to select “Inbound”
  • Action – “Allow”
  • Network type – “Domain”
  • Protocol – “TCP
    • Local Ports – “Specified Ports”
    • Ports – “3389”
    • Remote Ports – “All Ports”

Click “OK” a few times and save the profile.

Assign the profile to your target group / users / devices and wait for the sync to complete.

Once the sync has completed we can verify the changes have taken place with windows firewall.

Open “Windows defender firewall with advanced security” and go to monitoring > firewall. Here we can see the rule that we created in Intune.

Leave a Reply

Your email address will not be published. Required fields are marked *