⚡
No self-hosted server required
P2P mode uses the official connection service by default for device discovery and handshake. Regular users do not need to prepare a Linux server or enter a signaling URL.
Native Windows mstsc · P2P direct connection · No exposed RDP port
Connect to your Windows Remote Desktop through P2P, without exposing the RDP port to the public internet.
Access Windows Remote Desktop over P2P — without exposing RDP to the public internet. LocMSTSC uses Windows native mstsc and creates a P2P connection channel between your devices. The LocMSTSC connection service is only used for device discovery and handshake; Remote Desktop data does not pass through the official server.
✓ Uses Windows native mstsc
✓ More direct P2P connections
✓ No public RDP port exposure
✓ Connect with ID + access password
✓ Remote Desktop data does not pass through the official connection service
Important: LocMSTSC does not reimplement RDP. The Remote Desktop experience is still provided by Windows native mstsc. The official P2P connection service is used only for device discovery and handshake, and does not transmit desktop video, keyboard/mouse input, or RDP data.
P2PConnect in two steps
1
Start waiting on the agentOpen LocMSTSC, then copy the device ID and access password. No server address is required, and the Remote Desktop port does not need to be opened directly.
2
Enter the ID and password on the controllerEnter the peer ID and access password, then connect to Remote Desktop. After the P2P channel is established, LocMSTSC automatically launches Windows native mstsc.
The official connection service is responsible only for device discovery and handshake. Remote Desktop data is transmitted between the controller and the agent, and does not pass through the official connection service.
P2P DirectTURN Relay Instructions
cd /root && apt update && apt install -y curl curl -fL https://www.locmstsc.com/locmstsc-eturnal-setup-en.sh -o locmstsc-eturnal-setup-en.sh chmod +x locmstsc-eturnal-setup-en.sh bash locmstsc-eturnal-setup-en.sh
TURN is not needed by default on regular networks; P2P will try direct connection first. On complex restricted networks, carrier-grade NAT, or strict firewalls, if P2P connection fails, you can self-host a TURN service: turn:SERVER_IP:3478, and open TCP/UDP 3478 in the server firewall and cloud security group.
TURN URLs: turn:SERVER_IP:3478
Account: locmstsc
Password: the TURN password entered during setup
Account: locmstsc
Password: the TURN password entered during setup
SSH RelaySelf-hosted SSH Relay Commands
cd /root && apt update && apt install -y curl curl -fL https://www.locmstsc.com/locmstsc-ssh-setup-en.sh -o locmstsc-ssh-setup.sh chmod +x locmstsc-ssh-setup.sh bash locmstsc-ssh-setup.sh
This script quickly initializes a self-hosted SSH relay environment. SSH relay mode is intended for technical users as a fallback connection path outside P2P.
P2P first: simpler remote Windows connections
Regular users do not need to understand SSH commands, signaling URLs, or port forwarding. LocMSTSC hides the complex connection process and keeps only the essential information: the agent ID and access password.
🔑
ID + access password
After the agent starts waiting, copy the connection information. The controller can connect by entering the peer ID and access password. The password is verified locally by the agent.
🖥️
Still native mstsc
LocMSTSC establishes the connection channel. Remote Desktop login, video, keyboard/mouse input, and clipboard are still provided by Windows native RDP / mstsc.
Built for these remote Windows scenarios
Whether it is a home PC, office PC, Hyper-V / VMware virtual machine, or public Windows server, LocMSTSC can connect to native mstsc through P2P or SSH. Regular users should start with P2P, while technical users can keep a self-hosted SSH relay as a fallback.
🏠
Home PCs / office PCs
Start waiting on the agent, then enter the ID and access password on the controller. You can use Windows native Remote Desktop even without a public IP.
🧩
Hyper-V / VMware virtual machines
Suitable for managing Windows virtual machines on a local machine or server. You still log in to the system account through mstsc, with an experience close to directly using remote Windows.
🛡️
Windows servers
Even Windows servers with public IPs should not expose RDP ports directly. LocMSTSC can connect through P2P / SSH and reduce the risk from public scanning and brute-force attempts.
Real panels, redesigned around P2P connection
The controller enters the peer ID and access password, while the agent starts waiting for connections. SSH relay is still available, but P2P is the preferred connection mode for regular users.
Controller: connect with ID and access password
The controller only needs the peer ID, access password, and local port. After the P2P channel is established, click to open Remote Desktop and Windows native mstsc will connect to the local entry point.
Agent: start waiting and copy connection info
The agent displays the device ID and access password. Users can copy the connection information and send it to the controller. The RDP port is accessed only locally and does not need to be exposed directly to the public internet.
How P2P mode works
LocMSTSC P2P mode uses the official connection service for device discovery and handshake. Remote Desktop data is forwarded through the connection channel between the controller and the agent. Windows native mstsc still handles login and the desktop experience.
Not a new protocol, just an easier way to connect mstsc
LocMSTSC does not take over Remote Desktop video and does not replace Windows login authentication. It establishes a controlled connection channel so mstsc can safely enter remote Windows.
Download for Windows1
The agent starts waitingThe agent registers its device ID and waits for the controller to request a connection with the access password.
2
The controller starts the connectionThe controller enters the agent ID and access password, then completes the handshake through the official connection service.
3
mstsc enters Remote DesktopAfter the P2P channel is established, LocMSTSC opens a local entry port and the user enters Remote Desktop through Windows native mstsc.
Not a new remote-control protocol, just an easier way to connect mstsc
LocMSTSC organizes device discovery, connection handshake, P2P channel setup, firewall protection, and mstsc launch into a clearer desktop tool.
🖥️
Keep using native mstsc
Remote Desktop login, video, keyboard/mouse input, and clipboard are still provided by Windows native RDP / mstsc.
🔗
P2P establishes the connection channel
LocMSTSC establishes a connection channel between the controller and the agent, reducing manual port configuration and public exposure.
🧑💻
SSH as a fallback
Technical users can still use SSH relay mode, self-host servers, and control the connection path themselves.
Native mstsc + P2P feels more like accessing your own remote Windows PC
LocMSTSC is not simple screen sharing. It lets users enter a Windows native Remote Desktop session through a P2P channel, making it suitable for using remote Windows as a workstation, server desktop, or private cloud PC.
Screen-sharing remote control
TeamViewer / ToDesk: more like temporary assistance
These tools usually share the current screen with the other side, making them suitable for temporary desktop support, quick remote checks, and one-time assistance.
•Closer to an assistance mode where someone views your current desktop.•Good for temporary troubleshooting, but not always ideal as a long-term remote workstation.•The experience feels more like controlling the current screen than entering an independent Windows session.
Native Remote Desktop
LocMSTSC: P2P connection to native mstsc
mstsc connects to a Windows native Remote Desktop session, which is better suited for using a Windows machine as your own remote workstation. LocMSTSC solves this problem: you can connect without a public IP, and even with a public IP you do not need to expose the RDP port directly.
Works without a public IPHome PCs, office PCs, and virtual machines can all start waiting for connections.
Safer even with a public IPWindows servers do not need to expose Remote Desktop ports directly.
Use it like a cloud PCCopy and paste, browse the web, run desktop software, and maintain the system environment.
More private account accessDuring a remote connection, the local Windows session is locked and remote operations are not directly exposed on the local screen; only users with the account password can enter the desktop.
Core security goal: do not expose the RDP port to the public internet
LocMSTSC is not about showing off technology. Its goal is to make Windows Remote Desktop easier to connect while avoiding direct exposure such as public IP:3389 / 5555.
Traditional approach: open RDP directly to the public internet
Directly exposing the Windows Remote Desktop port to the public internet can leave it under long-term scanning, brute-force attempts, and login probes.
×Public IP:3389 / 5555 can be connected to directly
×The port is scanned and attacked over time
×Managing multiple servers can become messy
LocMSTSC approach: controlled P2P / SSH connection
P2P mode does not require opening the RDP port. The agent accesses 127.0.0.1:RDP only locally. After a real connection succeeds, LocMSTSC can prompt you to enable public RDP protection.
✓P2P mode does not require opening the RDP port
✓The agent accesses 127.0.0.1:RDP only locally
✓Regular mstsc cannot connect directly through public IP:port
Not a general tunneling tool, focused only on Windows Remote Desktop
LocMSTSC is not trying to replace frp. frp is a general-purpose intranet tunneling tool, while LocMSTSC focuses only on Windows native mstsc Remote Desktop connections.
frp
Suitable for general intranet tunneling, reverse proxy, and exposing multi-protocol services such as Web, API, TCP, UDP, HTTP, and HTTPS.
✓General intranet tunneling / reverse proxy
✓Multi-protocol, multi-service exposure
✓The goal is to publish intranet services
LocMSTSC
Focused only on Windows native Remote Desktop. Regular users should use P2P first, while technical users can use SSH relay without exposing general intranet services.
✓Windows native mstsc connection tool
✓P2P first, SSH fallback
✓The goal is not to expose the RDP port directly
P2P first, SSH as a fallback channel
P2P is the default recommended mode in LocMSTSC. SSH relay remains available for advanced users in special network environments or when a fully controlled connection path is required.
🚀
P2P is simpler
No self-hosted server, no signaling URL, and no SSH command knowledge required. Enter the ID and access password to connect.
⚡
Smoother when the network allows it
P2P attempts to establish a more direct connection path and reduce detours. The actual experience depends on both networks, NAT, firewalls, and routing conditions.
🧑💻
SSH remains for advanced users
If P2P is not suitable for certain network environments, technical users can still use self-hosted SSH relay mode.
SSH relay mode: a fallback for advanced users
P2P is the default recommended mode. For technical users who want a fully self-hosted connection path, LocMSTSC still keeps SSH relay mode. SSH mode requires your own Linux server, and speed depends on the server network route.
⭐
P2P is recommended by default
Regular users do not need a server and can connect directly with an ID and access password.
🔐
Self-hosted SSH fallback
Technical users can self-host an SSH relay server for special network environments or a fully controlled path.
💬
Official support
Website: locmstsc.com. Telegram: https://t.me/locmstsc
OpenSSH is required only for SSH relay mode. If the system is missing ssh.exe, download OpenSSH and place it in the same directory as locmstsc.exe.
Download LocMSTSC for Windows
LocMSTSC is a P2P Remote Desktop connection tool based on Windows native mstsc. Regular users can use P2P mode and connect with the agent ID and access password; advanced users can also use SSH relay mode.
v1.28 (Build 128) - 2026-06-20 Improved TURN stability: stale sessions are released faster after a stream break to reduce busy reconnect failures; TCP/UDP sync protection reduces audio/video drift; TURN and direct P2P high-bandwidth parameters are aligned and expanded for smoother video playback and high-bitrate desktop streaming.
v1.26 (Build 1260) - 2026-06-14 Stable release, welcome to use. Optimized P2P transport: removed Pacing and FEC for lower latency; cross-border connections prefer IPv4 for better global stability; doubled send/write workers to reduce queue blocking.
v1.25 (Build 125) - 2026-06-10 Agent config changes no longer require stopping the service; reconnect to apply. The update flow has been changed, and self-update is now supported.
v1.23 (Build 123) - 2026-06-09 Fixed TURN mode stuttering and disconnects caused by pseudo-asynchronous coroutines in the low-level core.
v1.22 (Build 122) - 2026-06-08 Optimized TURN relay mode throughput; with the right relay server, video playback can stay smooth worldwide.
v1.21 (Build 121) - 2026-06-05 Refactored the P2P RDP UDP acceleration strategy to prioritize a raw UDP high-bandwidth direct connection link, and leverage high-bandwidth RDP configurations to make mstsc operate like a low packet loss, low jitter LAN link; disabled raw UDP send rate limiting by default, turned off FEC, warm-up, and keep-alive traffic generation, and disabled RDP persistent bitmap caching to reduce video playback stutter and latency accumulation; retained the UDP DataChannel as a fallback link when raw UDP is not ready, and supplemented raw UDP queue, packet loss, throughput, and write-back logging to facilitate verification of the actual acceleration effect.
v1.20 (Build 120) - 2026-06-01 Fixed an issue where IPv6 P2P UDP traffic could be interrupted when Windows Firewall was switched from disabled to enabled protection mode.
v1.19-2026-06-01 Fixed an issue where the P2P IPv6 health check did not count raw UDP downstream traffic, which could cause false disconnection judgments; IPv6 remains preferred within the same country, while IPv4 is forced to take priority across countries; added P2P IPv6 UDP firewall rules for the controlled side, and removed the automatic firewall modification and administrator permission requirement when the controller starts.
v1.05 Update: Optimized remote desktop FPS, with peak frame rates up to 60 FPS, significantly improving smoothness for video and gaming experiences.
v1.04 Update: Added RDP TCP/UDP dual-channel support for P2P direct connection mode, enabling Windows native Remote Desktop UDP acceleration in supported network environments; also improved TCP/UDP remote desktop port protection to enhance connection experience and troubleshooting capability.
Some older Windows systems may report that ssh.exe is missing. OpenSSH is required only for SSH relay mode. Download the matching version and extract it into the same directory as locmstsc.exe.
https://github.com/PowerShell/Win32-OpenSSH/releases/latest/download/OpenSSH-Win64.zip
https://github.com/PowerShell/Win32-OpenSSH/releases/latest/download/OpenSSH-Win32.zip
locmstsc.com · Native Windows Remote Desktop P2P connection tool · Telegram: https://t.me/locmstsc
FAQ
A concise explanation of LocMSTSC positioning, P2P mode, security boundaries, and SSH fallback.
What is LocMSTSC?
LocMSTSC is a Remote Desktop connection tool based on Windows native mstsc. It does not reimplement RDP; instead, it helps users connect to remote Windows more conveniently and safely through P2P / SSH channels.
Does P2P mode require a server?
Regular users do not need to configure a server. LocMSTSC includes the official connection service for device discovery and connection handshake. Remote Desktop data does not pass through the official connection service.
Will Remote Desktop data pass through official servers?
No. The official connection service only handles device online registration and connection handshake. It does not transmit desktop video, keyboard/mouse input, or RDP data.
What information is required to connect?
The controller needs the agent ID and access password. The agent can copy the connection information with one click.
Do I need to open the RDP port?
Opening it is not recommended. P2P mode does not require directly opening the Remote Desktop port. LocMSTSC accesses RDP through local 127.0.0.1 and can prompt you to enable public RDP protection after a successful connection.
How is it different from TeamViewer / ToDesk?
LocMSTSC uses Windows native mstsc, which feels more like entering your own remote Windows session. TeamViewer / ToDesk are more oriented toward screen sharing and temporary assistance.
How is it different from frp?
frp is a general intranet tunneling tool. LocMSTSC focuses only on Windows native Remote Desktop. Regular users should use P2P first, while technical users can use SSH relay.
What is SSH mode still useful for?
SSH mode is suitable for technical users who want to self-host a relay server as a compatibility or fallback option outside P2P.
Can I use it without a public IP?
Yes. P2P mode is designed for this scenario. Home PCs, office PCs, and virtual machines can all start waiting for connections.
Is it still useful for Windows servers with public IPs?
Yes. Even with a public IP, directly exposing the RDP port is not recommended. LocMSTSC can reduce the direct exposure surface.