Recently I ran into a scenario when a Cisco router was sitting behind another firewall and I needed access to that Cisco router via SSH – Port 22. I asked the customer to forward SSH – Port 22 to the internal IP address of the Cisco router. However because they were using a Juniper Firewall they were unable to do that because Juniper Firewalls use that port for management hence they don’t allow you to do that instead you get an error, “Port 22 is used for the management of this device”

Now you have two options, 1- Change the default SSH port on the Juniper firewall to something other than Port 22 or do it on the Cisco router. It was just easier for me to do that on a Cisco router so I used the following command to accomplish this:

conf t
ip ssh port Port number (2000 to 10,000)

Now lets say if you specified port number 2222 you will not be able to ssh to your router using that port over the WAN link as well as locally.

