Showing results for 
Search instead for 
Did you mean: 

Unable to archive config from a Cisco 800 router via SCP on non-standard port




I have a Cisco 800 router running 12.x and I am trying to archive config to an external server. I CAN archive if I use FTP but I want to swap to SCP for encryption.


This is what I am using as a command for FTP:




and this is the command I am using for SCP:


path scp://$h


Note that the SCP server is NOT hosted on port 22, it's on 52398.



If I try to archive the config with FTP, it works fine, and sends the file in about 2 seconds. if I try to archive using SCP it sits there for an eternity - 120 seconds?  -then just returns to the command shell, and meanwhile on the SCP server there is no activity, not even a log in attempt. I am able to send files to the SCP server from a separate (also external) Linux box, so I know the SCP server is working and the firewalls with the custom port are correct.


Am I doing something wrong? Or can the Cisco SCP implementation not handle ports other than 22?


Many thanks





VIP Mentor VIP Mentor
VIP Mentor


                     >Note that the SCP server is NOT hosted on port 22, it's on 52398.

  Bad practice and or your cisco device has valid-rights to not trust or have this possibility. Meaning that the

tcp/ip port-stack has a privileged port-range for specific services, leading to a trust-relation when the standard ssh/scp port is being used (and of the course the S from scp also means Secure....)


Hi marce1000


I appreciate the answer, but I'm not entirely sure I agree with it.


  • Most admins change the default port for common services.
  • We already have a different device listening on port 22 (it's a remote site and only have a single IP) so have no control over this
  • If that were the case, why would every SCP server on the planet allow the listening port to be changed?





 Most admins change the default port for common services.

 - I will not go into circling-argumentation and appreciate and honor your response, but I consider the behavior as standard and best-secure practice.


Ok so let me rephrase the question.


Does Cisco's SCP:// path syntax, within the archive section, support custom ports. Or not.


From the IETF (submitted by....Cisco) :


scp_URI = "scp://" [ userinfo "@" ] host [ ":" port ]
         [ ; parameter = value ] [ abs_path ]


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: