🟡 Medium   ⏱ 5–30 min  Last verified: 19 May 2026

📖 ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution – Primary Fix
  7. Solution – Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Remote SSH sessions fail immediately after firewall updates. Administrators risk losing access to production hosts.

Environment & Reproduction

Ubuntu 22.04 servers using ufw default deny incoming policy. Reproduce by enabling ufw before allowing port 22/tcp.

Root Cause Analysis

Firewall policy blocks required management ports, often due to missing allow rules or interface-specific rule mismatches.

Quick Triage

Use console access, run sudo ufw status numbered, and confirm whether OpenSSH or custom SSH port is allowed.

Step-by-Step Diagnosis

Check active sshd port in /etc/ssh/sshd_config, verify ufw logs in journalctl, and test connectivity from a trusted source host.

Illustrative mockup for ubuntu-22-04-lts — ubuntu2204-common-problem-12-ufw-01.webp
SSH access blocked after enabling ufw with restrictive rules. — Illustrative mockup — Progressive Robot

Solution – Primary Fix

Allow SSH explicitly with sudo ufw allow OpenSSH or sudo ufw allow /tcp, then reload ufw and validate rule ordering.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

Illustrative mockup for ubuntu-22-04-lts — ubuntu2204-common-problem-12-ufw-02.webp
Allow OpenSSH profile and reload firewall safely. — Illustrative mockup — Progressive Robot

Solution – Alternative Approaches

Use cloud security groups plus host firewall in layered mode, or restrict SSH by source CIDR for reduced attack surface.

Verification & Acceptance Criteria

SSH login succeeds from approved networks, ufw status reflects expected policy, and no unintended ports are exposed.

Rollback Plan

Disable ufw temporarily via console if fully locked out, then restore previous rules from saved ufw user.rules backup.

Prevention & Hardening

Apply firewall changes in staged sessions, maintain out-of-band access, and automate rule validation checks.

Connection timed out on port 22, ufw denied packets, ssh unreachable after firewall enable.

Related tutorial: View the step-by-step tutorial for Ubuntu 22.04 LTS.

View all Ubuntu 22.04 LTS tutorials on the Tutorials Hub →

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Ubuntu ufw documentation, man ufw, OpenSSH hardening references.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.