The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes the Cisco NX-OS security commands that begin with E.
To enable a user to move to a higher privilege level after being prompted for a secret password, use the enable command.
Privilege level to which the user must log in. The only available level is 15. |
|
|
---|---|
To use this command, you must enable the cumulative privilege of roles for command authorization on TACACS+ servers using the feature privilege command.
This example shows how to enable the user to move to a higher privilege level after being prompted for a secret password:
|
|
---|---|
Enables the cumulative privilege of roles for command authorization on TACACS+ servers. |
|
Displays the current privilege level, username, and status of cumulative privilege support. |
|
To enable a secret password for a specific privilege level, use the enable secret command. To disable the password, use the no form of this command.
enable secret [ 0 | 5 ] password [ all | priv-lvl priv-lvl ]
no enable secret [ 0 | 5 ] password [ all | priv-lvl priv-lvl ]
|
|
---|---|
To use this command, you must enable the cumulative privilege of roles for command authorization on TACACS+ servers using the feature privilege command.
This example shows how to enable a secret password for a specific privilege level:
To specify a single port as a group member in an IP port object group, use the eq command. To remove a single port group member from the port object group, use the no form of this command.
[ sequence-number ] eq port-number
no { sequence-number | eq port-number }
IP port object group configuration
|
|
IP port object groups are not directional. Whether an eq command matches a source or destination port or whether it applies to inbound or outbound traffic depends upon how you use the object group in an ACL.
This example shows how to configure an IP port object group named port-group-05 with a group member that matches traffic sent to or from port 443: