N Commands

nac enable

To enable Network Admission Control (NAC) on an interface, use the nac enable command. To disable NAC, use the no form of this command.

nac enable

no nac enable

Syntax Description

This command has no arguments or keywords.

Command Default

Disabled

Command Modes


Interface configuration

Command History

Release

Modification

4.0(1)

This command was introduced.

Usage Guidelines

You must use the feature eou command and set the switchport mode to access before using the nac enable command.

You can enable EAPoUDP only on an access mode interface.

This command does not require a license.

Examples

This example shows how to enable NAC on an interface: 

switch# configure terminal
switch(config)# interface ethernet 1/1
switch(config-if)# switchport
switch(config-if)# switchport mode access
switch(config-if)# nac enable

This example shows how to disable NAC on an interface: 

switch# configure terminal
switch(config)# interface ethernet 1/1
switch(config-if)# no nac enable

Related Commands

Command

Description

feature eou

Enables EAPoUDP.

show eou

Displays EAPoUDP information.

neq

To specify a not-equal-to group member for an IP port object group, use the neq command. To remove a not-equal-to group member from port object group, use the no form of this command.

[sequence-number] neq port-number

no {sequence-number | neq port-number}

Syntax Description

sequence-number

(Optional) Sequence number for this group member. Sequence numbers maintain the order of group members within an object group. Valid sequence numbers are from 1 to 4294967295. If you do not specify a sequence number, the device assigns a number that is 10 greater than the largest sequence number in the current object group.

port-number

Port number that this group member does not match. Valid values are from 0 to 65535.

Command Default

None

Command Modes


IP port object group configuration

Command History

Release

Modification

4.0(1)

This command was introduced.

Usage Guidelines

A not-equal-to group member matches port numbers that are not equal to the port number specified in the entry.

IP port object groups are not directional. Whether an neq command matches a source or destination port or whether it applies to inbound or outbound traffic depends upon how you use the object group in an ACL.

This command does not require a license.

Examples

This example shows how to configure an IP port object group named port-group-05 with a group member that matches traffic sent to any port except port 80: 

switch# configure terminal
switch(config)# object-group ip port port-group-05
switch(config-port-ogroup)# neq 80

Related Commands

Command

Description

eq

Specifies an equal-to group member in an IP port object group.

gt

Specifies a greater-than group member in an IP port object group.

lt

Specifies a less-than group member in an IP port object group.

object-group ip port

Configures an IP port object group.

range

Specifies a port-range group member in an IP port object group.

show object-group

Displays object groups.