diff --git a/tasks/ssh_default.yml b/tasks/ssh_default.yml
index 1e07e65..272eb6d 100644
--- a/tasks/ssh_default.yml
+++ b/tasks/ssh_default.yml
@@ -41,3 +41,13 @@
 group: root
 mode: "0640"
 when: ('crypto-policies' in ansible_facts.packages)
+
+- name: Ensure seport matches sshd config
+ seport:
+ ports: "{{ sshd_port }}"
+ proto: "tcp"
+ setype: "ssh_port_t"
+ state: "present"
+ when:
+ - ansible_selinux is defined
+ - ansible_selinux.status == "enabled"
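Review bot: The new `seport` task is skipped whenever `ansible_selinux.status` is anything other than `"enabled"`, which presumably includes the case where the SELinux Python bindings are missing on the target and the fact cannot be gathered properly. On an enforcing host with a non-default `sshd_port`, that silent skip would leave the port unlabelled and sshd unable to bind after its next restart. The `seport` module also needs the semanage Python bindings itself (its documentation lists `libselinux-python` and `policycoreutils-python`), and nothing visible in this hunk installs them, so consider a preceding package task or at least a comment such as `# requires the SELinux/semanage Python bindings on the target`. Separately, `state: "present"` only adds a label, so a previously configured port stays typed `ssh_port_t` after `sshd_port` changes; that is worth documenting or cleaning up.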