E Commands
This chapter describes the Cisco NX-OS security commands that begin with E.
enable
To enable a user to move to a higher privilege level after being prompted for a secret password, use the enable command.
enable level
Syntax Description
level |
Privilege level to which the user must log in. The only available level is 15. |
Command Default
Privilege level 15
Command Modes
EXEC configuration mode
Command History
|
|
5.2(1)N1(1) |
This command was introduced. |
Usage Guidelines
To use this command, you must enable the cumulative privilege of roles for command authorization on TACACS+ servers using the feature privilege command.
Examples
This example shows how to enable the user to move to a higher privilege level after being prompted for a secret password:
Related Commands
|
|
enable secret |
Enables a secret password for a specific privilege level. |
feature privilege |
Enables the cumulative privilege of roles for command authorization on TACACS+ servers. |
show privilege |
Displays the current privilege level, username, and status of cumulative privilege support. |
username |
Enables a user to use privilege levels for authorization. |
enable secret
To enable a secret password for a specific privilege level, use the enable secret command. To disable the password, use the no form of this command.
enable secret [ 0 | 5 ] password [ all | priv-lvl priv-lvl ]
no enable secret [ 0 | 5 ] password [ all | priv-lvl priv-lvl ]
Syntax Description
0 |
(Optional) Specifies that the password is in clear text. |
5 |
(Optional) Specifies that the password is in encrypted format. |
password |
Password for user privilege escalation. It contains up to 64 alphanumeric, case-sensitive characters. |
all |
(Optional) Adds or removes all privilege level secrets. |
priv-lvl priv-lvl |
(Optional) Specifies the privilege level to which the secret belongs. The range is from 1 to 15. |
Command Modes
Global configuration mode
Command History
|
|
5.2(1)N1(1) |
This command was introduced. |
Usage Guidelines
To use this command, you must enable the cumulative privilege of roles for command authorization on TACACS+ servers using the feature privilege command.
Examples
This example shows how to enable a secret password for a specific privilege level:
switch# configure terminal
switch(config)# feature privilege
switch(config)# enable secret 5 def456 priv-lvl 15
switch(config)# username user2 priv-lvl 15
Related Commands
|
|
enable |
Enables the user to move to a higher privilege level after being prompted for a secret password. |
feature privilege |
Enables the cumulative privilege of roles for command authorization on TACACS+ servers. |
show privilege |
Displays the current privilege level, username, and status of cumulative privilege support. |
username |
Enables a user to use privilege levels for authorization. |
eq
To specify a single port as a group member in an IP port object group, use the eq command. To remove a single port group member from the port object group, use the no form of this command.
[ sequence-number ] eq port-number
no { sequence-number | eq port-number }
Syntax Description
sequence-number |
(Optional) Sequence number for this group member. Sequence numbers maintain the order of group members within an object group. Valid sequence numbers are from 1 to 4294967295. If you do not specify a sequence number, the device assigns a number that is 10 greater than the largest sequence number in the current object group. |
port-number |
Port number that this group member matches. Valid port numbers are from 0 to 65535. |
Command Modes
IP port object group configuration
Command History
|
|
7.3(0)N1(1) |
This command was introduced. |
Usage Guidelines
IP port object groups are not directional. Whether an eq command matches a source or destination port or whether it applies to inbound or outbound traffic depends upon how you use the object group in an ACL.
This command does not require a license.
Examples
This example shows how to configure an IP port object group named port-group-05 with a group member that matches traffic sent to or from port 443:
switch(config)# object-group ip port port-group-05
switch(config-port-ogroup)# eq 443
Related Commands
|
|
gt |
Specifies a greater-than group member in an IP port object group. |
lt |
Specifies a less-than group member in an IP port object group. |
neq |
Specifies a not-equal-to group member in an IP port object group. |
object-group ip port |
Configures an IP port object group. |
range |
Specifies a port-range group member in an IP port object group. |
show object-group |
Displays object groups. |