N Commands

This chapter describes the Cisco NX-OS security commands that begin with N.


To specify a not-equal-to group member for an IP port object group, use the neq command. To remove a not-equal-to group member from port object group, use the no form of this command.

[ sequence-number ] neq port-number

no { sequence-number | neq port-number }

Syntax Description


(Optional) Sequence number for this group member. Sequence numbers maintain the order of group members within an object group. Valid sequence numbers are from 1 to 4294967295. If you do not specify a sequence number, the device assigns a number that is 10 greater than the largest sequence number in the current object group.


Port number that this group member does not match. Valid values are from 0 to 65535.



Command Modes

IP port object group configuration

Command History



This command was introduced.

Usage Guidelines

A not-equal-to group member matches port numbers that are not equal to the port number specified in the entry.

IP port object groups are not directional. Whether an neq command matches a source or destination port or whether it applies to inbound or outbound traffic depends upon how you use the object group in an ACL.

This command does not require a license.


This example shows how to configure an IP port object group named port-group-05 with a group member that matches traffic sent to any port except port 80:

switch# config t
switch(config)# object-group ip port port-group-05
switch(config-port-ogroup)# neq 80

Related Commands



Specifies an equal-to group member in an IP port object group.


Specifies a greater-than group member in an IP port object group.


Specifies a less-than group member in an IP port object group.

object-group ip port

Configures an IP port object group.


Specifies a port-range group member in an IP port object group.

show object-group

Displays object groups.