Router user interface modes

Router user interface modes
2.1.3 This page will introduce two user interface modes that can be configured for Cisco IOS.


The Cisco CLI uses a hierarchical structure. This structure requires entry into different modes to accomplish particular tasks. For example, to configure a router interface, the user must enter interface configuration mode. All configurations that are entered in interface configuration mode apply only to that interface. Each configuration mode is indicated with a distinctive prompt and allows only commands that are appropriate for that mode.

The IOS provides a command interpreter service known as the command executive (EXEC). After each command is entered, the EXEC validates and executes the command.

As a security feature the Cisco IOS software separates the EXEC sessions into two access levels. These levels are user EXEC mode and privileged EXEC mode. The privileged EXEC mode is also known as enable mode. The following are the features of the user EXEC mode and privileged EXEC mode:

• The user EXEC mode allows only a limited number of basic monitoring commands. This is often referred to as a view only mode. The user EXEC level does not allow any commands that might change the configuration of the router. The user EXEC mode can be identified by the > prompt.

• The privileged EXEC mode provides access to all router commands. This mode can be configured to require a password. For added protection, it can also be configured to require a user ID. This allows only authorized users to access the router. Configuration and management commands require that the network administrator be at the privileged EXEC level. Global configuration mode and all other more specific configuration modes can only be reached from the privileged EXEC mode. The privileged EXEC mode can be identified by the # prompt.

To access the privileged EXEC level from the user EXEC level, enter the enable command at the > prompt. If a password is configured, the router will then ask for that password. For security reasons, a Cisco network device will not show the password that is entered. When the correct password is entered, the router prompt will change to #. This indicates that the user is at the privileged EXEC level. When a question mark, ?, is entered at the privileged EXEC level, it will reveal many more command options than available at the user EXEC level.

The next page covers some additional features of Cisco IOS.