Recently I needed to configure a solution for remote desktop on a Linux server. I decided to give XRDP a shot, which uses TigerVNC Server by forwarding the standard RDP port of 3389 to a port VNC is listening on. The end result is an SSH tunnel that forwards local port 3389 over SSH to XRDP, which is listening only on the remote localhost, on port 3389 as well. Use the information below to set this up on CentOS Linux, though the instructions will be similar for other Linux distros as well.
Earlier, when configuring XRDP, I could not find out how to make XRDP listen only on 127.0.0.1 or localhost. Finally, after playing around with multiple variables, I thought I might have picked the right one. Below is an example of my xrdp.ini before modifying the listen address and after modifying the listen address.
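To confirm that a listen-address change like the one described above took effect, the server's listening sockets can be checked directly. The script below is an added example, not the author's xrdp.ini or commands from the original post; the function name `check_loopback_only`, the `user@server` placeholder and the sample `ss -ltn` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that a service accepts connections only on loopback.
# The tunnel the post describes would be opened from the client with
# (user@server is a placeholder):
#   ssh -N -L 3389:127.0.0.1:3389 user@server
# after which the RDP client connects to localhost:3389.

# check_loopback_only PORT   (reads `ss -ltn` output on stdin)
# returns 0: every listener on PORT is bound to 127.0.0.0/8 or ::1
#         1: at least one listener on PORT is reachable from the network
#         2: nothing is listening on PORT
check_loopback_only() {
    awk -v port="$1" '
        $1 != "LISTEN" { next }                  # skips the header line too
        {
            sock = $4                            # Local Address:Port column
            p = sock;    sub(/^.*:/, "", p)      # text after the last colon
            if (p != port) next
            host = sock; sub(/:[^:]*$/, "", host)
            sub(/%.*$/, "", host)                # drop a %interface scope
            found = 1
            if (host !~ /^127\./ && host != "[::1]") {
                exposed = 1
                print "exposed: " sock
            }
        }
        END { if (!found) exit 2; exit (exposed ? 1 : 0) }
    '
}

# Constructed sample output (not captured from a real host).
SAMPLE_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      2      *:3389             *:*
LISTEN 0      2      127.0.0.1:3350     0.0.0.0:*'

SAMPLE_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      2      127.0.0.1:3389     0.0.0.0:*
LISTEN 0      2      127.0.0.1:3350     0.0.0.0:*'

printf '%s\n' "$SAMPLE_AFTER"  | check_loopback_only 3389 && echo "after: loopback only"
printf '%s\n' "$SAMPLE_BEFORE" | check_loopback_only 3389 || echo "before: reachable from the network"
```

On a live server the same check is `ss -ltn | check_loopback_only 3389`, run after restarting the xrdp service.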
There are numerous reasons that you may want either to connect to Windows Remote Desktop on a different port or to have Remote Desktop listen on a different port. The primary reason I wanted to configure this was that my ISP does network scans every couple of months, and if you have external ports listening they will suspend your service in an attempt both to cut down on viruses and spam and to get you to upgrade your service to a business account that allows you to run servers. I wanted to be able to connect to a Windows Vista box at my house remotely, and one of the ports included in my ISP’s scan list is the RDP (Remote Desktop Protocol) TCP port 3389. To get around this you can either configure RDP to run on a different port and simply use your router to NAT directly through the new port or, as I suggest, simply use port forwarding on your router to route another port from the external IP address to the TCP RDP port 3389 on the Windows computer running Remote Desktop. Below I describe connecting to a port other than the default TCP port 3389 from the Remote Desktop client.