Working on something well outside of my experience range recently (typical…), namely Cisco switch administration. In particular, I was working on a Cisco Catalyst 3560 switch which apparently doesn’t have quite as robust of a user-friendly web-gui as I would have liked. A couple years back I setup a SPAN port (aka Mirror port) on this switch as we were setting up Snort IDS for the network here and needed a sniffer port. Fast-forward a year and our network configuration has changed and we no longer need this to be a SPAN port and I couldn’t remember how I set it up (or how to take it away).

I know very little about the Cisco Command-Line interface but after Googling around to five different sites I was able to speculate/guess what needed to be done.

The Cisco command line has at least two (perhaps several?) operative modes. One of the oft-used modes is the configure mode. Now, the annoying thing is that most Cisco tutorials are not written for total Cisco noobs like myself… And they all just have you running the command to jump into configuration mode. However that command wasn’t working for me, nor were many others…. Eventually I figured it out… you need to elevate your session permissions first. Which is what this post was written for.

So, telnet to your Cisco device (I use putty… love it!)… login. Once you get to your command line use the following command to elevate your permissions:

enable 15

Cisco apparently has 15 different permission levels with 15 being the highest. Not knowing one from the other (and as I was using the root account) I just bumped my perms to 15 so I could get done what I needed to get done…

After that you can enter configure mode:

configure terminal

Perhaps that will save some folks some headache. I had to google around quite a bit to figure out something that I am sure is second nature for Cisco admins, hence few of the online helps mentioned it.


In case you landed here because you were specifically trying to remove a SPAN port on a cisco switch… the best instructions I found were here…

1 of 1

One comment on: Cisco CLI Noob Tip – You need to ramp up your permission level to do stuff…

  1. Erik Bixby

    Those two commands can be shorted as follows:
    conf t

    You can generally shorten commands just to the point that they’re unambiguous. Also, [tab] and [?] are your friends in the CLI on Cisco equipment.

Leave a Reply