Microsoft Windows [Version 10.0.22621.2428]
(c) Microsoft Corporation. C:\Windows>netsh ras ? The following commands are available: Commands in this context: ? - Displays a list of commands. aaaa - Changes to the `netsh ras aaaa' context. add - Adds items to a table. delete - Removes items from a table. diagnostics - Changes to the `netsh ras diagnostics' context. dump - Displays a configuration script. help - Displays a list of commands. ip - Changes to the `netsh ras ip' context. ipv6 - Changes to the `netsh ras ipv6' context. set - Sets configuration information. show - Displays information. The following sub-contexts are available: aaaa diagnostics ip ipv6 To view help for a command, type the command, followed by a space, and then type ?.
Changes to the `netsh ras aaaa' context.
»netsh »ras »aaaa
C:\Windows>netsh ras aaaa ? The following commands are available: Commands in this context: ? - Displays a list of commands. add - Adds items to a table. delete - Removes items from a table. dump - Displays a configuration script. help - Displays a list of commands. set - Sets configuration information. show - Displays information. To view help for a command, type the command, followed by a space, and then type ?.
Adds items to a table.
»netsh »ras »aaaa »add
C:\Windows>netsh ras aaaa add ? The following commands are available: Commands in this context: add acctserver - Adds a RADIUS accounting server. add authserver - Adds a RADIUS authentication server.
Adds a RADIUS accounting server.
»netsh »ras »aaaa »add »acctserver
C:\Windows>netsh ras aaaa add acctserver ? add acctserver [ name = ] server [ [secret =] secret [init-score =] InitialScore [port =] port [timeout = ] timeout [messages = ] ENABLED|DISABLED ] Provides an IP address or name of a RADIUS server to use for accounting. name The DNS name or IP address of the RADIUS server secret The shared secret init-score Initial score (server priority) port Sets the port on which to send the authentication requests. timeout The timeout period before the RADIUS server is marked unavailable (seconds) messages Whether to send accounting on/off messages.
Adds a RADIUS authentication server.
»netsh »ras »aaaa »add »authserver
C:\Windows>netsh ras aaaa add authserver ? add authserver [ name = ] server [ [secret =] secret [init-score =] InitialScore [port =] port [timeout =] timeout [signature = ] ENABLED|DISABLED ] Provides an IP address or name of a RADIUS server to pass authentication requests. name The DNS name or IP address of the RADIUS server secret The shared secret init-score Initial score (server priority) port Sets the port on which to send the authentication requests. timeout The timeout period before the RADIUS server is marked unavailable (seconds) signature Whether to use Message Authenticator
Removes items from a table.
»netsh »ras »aaaa »delete
C:\Windows>netsh ras aaaa delete ? The following commands are available: Commands in this context: delete acctserver - Deletes a RADIUS accounting server. delete authserver - Deletes a RADIUS server.
Deletes a RADIUS accounting server.
»netsh »ras »aaaa »delete »acctserver
C:\Windows>netsh ras aaaa delete acctserver ? delete acctserver [name = ] server Deletes a RADIUS accounting server.
Deletes a RADIUS server.
»netsh »ras »aaaa »delete »authserver
C:\Windows>netsh ras aaaa delete authserver ? delete authserver [name = ] server Deletes a RADIUS authentication server.
Displays a configuration script.
»netsh »ras »aaaa »dump
C:\Windows>netsh ras aaaa dump ? Usage: dump Remarks: Creates a script that contains the current configuration. If saved to a file, this script can be used to restore altered configuration settings.
Displays a list of commands.
»netsh »ras »aaaa »help
C:\Windows>netsh ras aaaa help ? Usage: help Remarks: Displays a list of commands.
Sets configuration information.
»netsh »ras »aaaa »set
C:\Windows>netsh ras aaaa set ? The following commands are available: Commands in this context: set accounting - Sets the accounting provider. set acctserver - Sets properties of an accounting server. set authentication - Sets the authentication provider. set authserver - Sets properties of an authentication server. set ipsecpolicy - Sets the IPsec policy for L2TP connection.
Sets the accounting provider.
»netsh »ras »aaaa »set »accounting
C:\Windows>netsh ras aaaa set accounting ? set accounting [provider =] WINDOWS|RADIUS|NONE Sets the accounting provider. windows Windows security should perform accounting. radius A RADIUS server should perform accounting. none Do not perform accounting.
Sets properties of an accounting server.
»netsh »ras »aaaa »set »acctserver
C:\Windows>netsh ras aaaa set acctserver ? set acctserver [ name = ] server [ [secret =] secret [init-score =] InitialScore [port =] port [timeout = ] timeout [messages = ] ENABLED|DISABLED ] Provides an IP address or name of a RADIUS server to use for accounting. name The DNS name or IP address of the RADIUS server secret The shared secret init-score Initial score (server priority) port Sets the port on which to send the authentication requests. timeout The timeout period before the RADIUS server is marked unavailable (seconds) messages Whether to send accounting on/off messages.
Sets the authentication provider.
»netsh »ras »aaaa »set »authentication
C:\Windows>netsh ras aaaa set authentication ? set authentication [provider =] WINDOWS|RADIUS Sets the authentication provider. windows Windows security should perform authentication. radius A RADIUS server should perform authentication.
Sets properties of an authentication server.
»netsh »ras »aaaa »set »authserver
C:\Windows>netsh ras aaaa set authserver ? set authserver [ name = ] server [ [secret =] secret [init-score =] InitialScore [port =] port [timeout =] timeout [signature = ] ENABLED|DISABLED ] Provides an IP address or name of a RADIUS server to pass authentication requests. name The DNS name or IP address of the RADIUS server secret The shared secret init-score Initial score (server priority) port Sets the port on which to send the authentication requests. timeout The timeout period before the RADIUS server is marked unavailable (seconds) signature Whether to use Message Authenticator
Sets the IPsec policy for L2TP connection.
»netsh »ras »aaaa »set »ipsecpolicy
C:\Windows>netsh ras aaaa set ipsecpolicy ? set ipsecpolicy [psk=] ENABLED | DISABLED [secret =] <Pre shared key> Sets the IPsec policy for L2TP connection. psk - Specifies whether a L2TP connection can use a Custom IPsec policy ENABLED - Custom IPsec policy using pre-shared keys DISABLED - Certificate Authority Policy. secret - The pre-shared key to be used with custom IPsec policy.
Displays information.
»netsh »ras »aaaa »show
C:\Windows>netsh ras aaaa show ? The following commands are available: Commands in this context: show accounting - Displays the current accounting provider. show acctserver - Displays the RADIUS server(s) used for accounting. show authentication - Displays the current authentication provider. show authserver - Displays the RADIUS server(s) used for authentication. show ipsecpolicy - Shows the IPsec policy for L2TP connection.
Displays the current accounting provider.
»netsh »ras »aaaa »show »accounting
C:\Windows>netsh ras aaaa show accounting ? show accounting Displays the accounting provider
Displays the RADIUS server(s) used for accounting.
»netsh »ras »aaaa »show »acctserver
C:\Windows>netsh ras aaaa show acctserver ? show acctserver [ [name = ] server ] Displays detailed information about an accounting server. name The DNS name or IP address of the RADIUS server If no server name is provided, all configured accounting servers will be displayed.
Displays the current authentication provider.
»netsh »ras »aaaa »show »authentication
C:\Windows>netsh ras aaaa show authentication ? show authentication Displays the authentication provider
Displays the RADIUS server(s) used for authentication.
»netsh »ras »aaaa »show »authserver
C:\Windows>netsh ras aaaa show authserver ? show authserver [ [name = ] server ] Displays detailed information about an authentication server. name The DNS name or IP address of the RADIUS server If no server name is provided, all configured authentication servers will be displayed.
Shows the IPsec policy for L2TP connection.
»netsh »ras »aaaa »show »ipsecpolicy
C:\Windows>netsh ras aaaa show ipsecpolicy ? show ipsecpolicy Shows the IPsec policy for L2TP connection.
Adds items to a table.
»netsh »ras »add
C:\Windows>netsh ras add ? The following commands are available: Commands in this context: add authtype - Adds types of authentication the Remote Access server will negotiate. add link - Adds to the list of link properties PPP will negotiate add multilink - Adds to the list of multilink types PPP will negotiate add registeredserver - Registers the given Windows computer as a Remote Access server in the Active Directory of the given domain.
Adds types of authentication the Remote Access server will negotiate.
»netsh »ras »add »authtype
C:\Windows>netsh ras add authtype ? add authtype [type = ] PAP|MD5CHAP|MSCHAPv2|EAP|CERT Selects the types of authentication which this Remote Access server will attempt to negotiate. Negotiation will be in the order most-secure to least-secure. Once both client and server agree upon an authentication type, the PPP negotiation will follow the appropriate RFCs. type - the type PAP - Password Authentication Protocol (clear text). MD5CHAP - Challenge Handshake Authentication Protocol using Message Digest 5 hashing scheme to encrypt the response. MSCHAPv2 - Version 2 of MSCHAP. EAP - Extensible Authentication Protocol. CERT - Certificate Authentication for IKEv2.
Adds to the list of link properties PPP will negotiate
»netsh »ras »add »link
C:\Windows>netsh ras add link ? add link [type = ] SWC|LCP Adds to the list of link properties PPP will negotiate. type - the type SWC - Provides software compression (MPPC) LCP - Provides Link Control Protocol extensions from the PPP suite of protocols.
Adds to the list of multilink types PPP will negotiate
»netsh »ras »add »multilink
C:\Windows>netsh ras add multilink ? add multilink [type = ] MULTI|BACP Adds to the list of multilink types PPP will negotiate. type - the type MULTI - Provides multilink PPP sessions. BACP - Provides Bandwidth Allocation Control Protocol.
Registers the given Windows computer as a
»netsh »ras »add »registeredserver
C:\Windows>netsh ras add registeredserver ? add registeredserver [ [domain = ] domain [server = ] server ] Registers the given Windows computer as a Remote Access server in the Active Directory of the given domain. server - the computer name of the computer to be registered as a Remote Access server. If no server is specified the computer from which the command is issued is assumed. domain - the domain in which the given server should be registered. If no domain is provided, the primary domain of the computer from which the command is issued is assumed.
Removes items from a table.
»netsh »ras »delete
C:\Windows>netsh ras delete ? The following commands are available: Commands in this context: delete authtype - Deletes an authentication type from the Remote Access server. delete link - Deletes from the list of link properties PPP will negotiate delete multilink - Deletes from the list of multilink types PPP will negotiate delete registeredserver - Un-registers the given Windows computer as a Remote Access server in the Active Directory of the given domain.
Deletes an authentication type from the Remote Access server.
»netsh »ras »delete »authtype
C:\Windows>netsh ras delete authtype ? delete authtype [type = ] PAP|MD5CHAP|MSCHAPv2|EAP|CERT Deletes an authentication type from the list of types that the Remote Access server will negotiate. type - the type PAP - Password Authentication Protocol (clear text). MD5CHAP - Challenge Handshake Authentication Protocol using Message Digest 5 hashing scheme to encrypt the response. MSCHAPv2 - Version 2 of MSCHAP. EAP - Extensible Authentication Protocol. CERT - Certificate Authentication for IKEv2.
Deletes from the list of link properties PPP will negotiate
»netsh »ras »delete »link
C:\Windows>netsh ras delete link ? delete link [type = ] SWC|LCP Deletes from the list of link properties PPP will negotiate. type - the type SWC - Provides software compression (MPPC) LCP - Provides Link Control Protocol extensions from the PPP suite of protocols.
Deletes from the list of multilink types PPP will negotiate
»netsh »ras »delete »multilink
C:\Windows>netsh ras delete multilink ? delete multilink [type = ] MULTI|BACP Deletes from the list of multilink types PPP will negotiate. type - the type MULTI - Provides multilink PPP sessions. BACP - Provides Bandwidth Allocation Control Protocol.
Un-registers the given Windows computer as a
»netsh »ras »delete »registeredserver
C:\Windows>netsh ras delete registeredserver ? delete registeredserver [ [domain = ] domain [server = ] server ] Un-registers the given Windows computer as a Remote Access server in the Active Directory of the given domain. server - the computer name of the computer to be unregistered as a Remote Access server. If no server is specified the computer from which the command is issued is assumed. domain - the domain in which the given server should be unregistered. If no domain is provided, the primary domain of the computer from which the command is issued is assumed.
Changes to the `netsh ras diagnostics' context.
»netsh »ras »diagnostics
C:\Windows>netsh ras diagnostics ? The following commands are available: Commands in this context: ? - Displays a list of commands. dump - Displays a configuration script. help - Displays a list of commands. set - Sets configuration information. show - Displays information. To view help for a command, type the command, followed by a space, and then type ?.
Displays a configuration script.
»netsh »ras »diagnostics »dump
C:\Windows>netsh ras diagnostics dump ? Usage: dump Remarks: Creates a script that contains the current configuration. If saved to a file, this script can be used to restore altered configuration settings.
Displays a list of commands.
»netsh »ras »diagnostics »help
C:\Windows>netsh ras diagnostics help ? Usage: help Remarks: Displays a list of commands.
Sets configuration information.
»netsh »ras »diagnostics »set
C:\Windows>netsh ras diagnostics set ? The following commands are available: Commands in this context: set cmtracing - Enables/disables Connection Manager logging. set loglevel - Sets the global Log level for RRAS set modemtracing - Enables or disables tracing of modem settings and messages during a network connection. set rastracing - Enables/disables extended tracing for a component. set securityeventlog - Enables or disables Security Event logging. You can view Security Event logs using Event Viewer. set tracefacilities - Enables/disables extended tracing for all components.
Enables/disables Connection Manager logging.
»netsh »ras »diagnostics »set »cmtracing
C:\Windows>netsh ras diagnostics set cmtracing ? set cmtracing [ state = ] ENABLED|DISABLED Enables or disables logging for Connection Manager service profiles. state - tracing state for Connection Manager service profiles. ENABLED - Enables logging for Connection Manager service profiles. DISABLED - Disables logging for Connection Manager service profiles.
Sets the global Log level for RRAS
»netsh »ras »diagnostics »set »loglevel
C:\Windows>netsh ras diagnostics set loglevel ? set loglevel [events=] error | warn | all | none Sets the global Log level for Routing and Remote Access Service events - Events to log into the System Log in Event Viewer none - Specifies that no event is logged error - Specifies that only errors are logged warn - Specifies that errors and warnings are logged all - Specifies to log all events.
Enables or disables tracing of modem settings and messages during a network connection.
»netsh »ras »diagnostics »set »modemtracing
C:\Windows>netsh ras diagnostics set modemtracing ? set modemtracing [ state = ] ENABLED|DISABLED Enables or disables tracing of modem settings and messages during a network connection. state - tracing state of modem ENABLED - Enables modem tracing for all network connections that use a modem. DISABLED - Disables modem tracing for all network connections that use a modem.
Enables/disables extended tracing for a component.
»netsh »ras »diagnostics »set »rastracing
C:\Windows>netsh ras diagnostics set rastracing ? set rastracing [component = ] component [state = ] ENABLED|DISABLED Enables or disables extended tracing for the given component. component - the component (use '*' to denote all components)
Enables or disables Security Event logging. You can view Security Event logs using Event Viewer.
»netsh »ras »diagnostics »set »securityeventlog
C:\Windows>netsh ras diagnostics set securityeventlog ? set securityeventlog [ state = ] ENABLED|DISABLED Enables or disables Security Event logging. You can view Security Event logs using Event Viewer. state - tracing state of security events ENABLED - Enables logging of Security Events for all network connections. DISABLED - Disables logging of Security Events for all network connections.
Enables/disables extended tracing for all components.
»netsh »ras »diagnostics »set »tracefacilities
C:\Windows>netsh ras diagnostics set tracefacilities ? set tracefacilities [ state = ] ENABLED|DISABLED|CLEAR Enables, disables, or clears extended tracing logs for all network connections. state - - tracing state of the RAS components ENABLED - Enables all available logging functions for all network connections. DISABLED - Disables all available logging functions for all network connections. CLEAR - Clears all extended tracing log files.
Displays information.
»netsh »ras »diagnostics »show
C:\Windows>netsh ras diagnostics show ? The following commands are available: Commands in this context: show all - Shows Remote Access Diag Report. show cmtracing - Shows whether Connection Manager logging is enabled. show configuration - Configuration Info. show installation - Installation Info. show loglevel - Shows the global Log level for RRAS show logs - Shows all logs. show modemtracing - Shows whether tracing of modem settings and messages during a network connection is enabled. show rastracing - Shows whether extended tracing is enabled for components. show securityeventlog - Shows whether Security Event Logs are enabled. show tracefacilities - Shows whether extended tracing is enabled for all components.
Shows Remote Access Diag Report.
»netsh »ras »diagnostics »show »all
C:\Windows>netsh ras diagnostics show all ? show all [ type = ] FILE|EMAIL [ destination = ] destination [ [ compression = ] ENABLED|DISABLED [ hours = ] hours [ verbose = ] ENABLED|DISABLED ] Shows the entire Remote Access Diagnostic Report. type - type of destination. FILE - save the diagnostic report to a file. EMAIL - send the diagnostic report to an email address. destination - the destination for the diagnostic report. Either a filename or an email address is a valid destination. compression - compress the diagnostic report into a CAB file. ENABLED - enables compression. Default setting for email destination. DISABLED - disables compression. Default setting for file destination. hours - only show log entries from this number of hours in the past. 1 - 24 is valid. If no time is specified, the entire log will be displayed. verbose - Amount of data to include in the diagnostic report. ENABLED - enables verbose information. DISABLED - disables verbose information. Default.
Shows whether Connection Manager logging is enabled.
»netsh »ras »diagnostics »show »cmtracing
C:\Windows>netsh ras diagnostics show cmtracing ? Usage: show cmtracing Shows whether Connection Manager logging is enabled.
Configuration Info.
»netsh »ras »diagnostics »show »configuration
C:\Windows>netsh ras diagnostics show configuration ? show configuration [ type = ] FILE|EMAIL [ destination = ] destination [ [ compression = ] ENABLED|DISABLED [ hours = ] hours [ verbose = ] ENABLED|DISABLED ] Configuration Info. type - type of destination. FILE - save the diagnostic report to a file. EMAIL - send the diagnostic report to an email address. destination - the destination for the diagnostic report. Either a filename or an email address is a valid destination. compression - compress the diagnostic report into a CAB file. ENABLED - enables compression. Default setting for email destination. DISABLED - disables compression. Default setting for file destination. hours - only show log entries from this number of hours in the past. 1 - 24 is valid. If no time is specified, the entire log will be displayed. verbose - Amount of data to include in the diagnostic report. ENABLED - enables verbose information. DISABLED - disables verbose information. Default.
Installation Info.
»netsh »ras »diagnostics »show »installation
C:\Windows>netsh ras diagnostics show installation ? show installation [ type = ] FILE|EMAIL [ destination = ] destination [ [ compression = ] ENABLED|DISABLED [ hours = ] hours [ verbose = ] ENABLED|DISABLED ] Installation Info. type - type of destination. FILE - save the diagnostic report to a file. EMAIL - send the diagnostic report to an email address. destination - the destination for the diagnostic report. Either a filename or an email address is a valid destination. compression - compress the diagnostic report into a CAB file. ENABLED - enables compression. Default setting for email destination. DISABLED - disables compression. Default setting for file destination. hours - only show log entries from this number of hours in the past. 1 - 24 is valid. If no time is specified, the entire log will be displayed. verbose - Amount of data to include in the diagnostic report. ENABLED - enables verbose information. DISABLED - disables verbose information. Default.
Shows the global Log level for RRAS
»netsh »ras »diagnostics »show »loglevel
C:\Windows>netsh ras diagnostics show loglevel ? show loglevel Shows the global Log level for Routing and Remote Access Service
Shows all logs.
»netsh »ras »diagnostics »show »logs
C:\Windows>netsh ras diagnostics show logs ? show logs [ type = ] FILE|EMAIL [ destination = ] destination [ [ compression = ] ENABLED|DISABLED [ hours = ] hours [ verbose = ] ENABLED|DISABLED ] Shows all logs. type - type of destination. FILE - save the diagnostic report to a file. EMAIL - send the diagnostic report to an email address. destination - the destination for the diagnostic report. Either a filename or an email address is a valid destination. compression - compress the diagnostic report into a CAB file. ENABLED - enables compression. Default setting for email destination. DISABLED - disables compression. Default setting for file destination. hours - only show log entries from this number of hours in the past. 1 - 24 is valid. If no time is specified, the entire log will be displayed. verbose - Amount of data to include in the diagnostic report. ENABLED - enables verbose information. DISABLED - disables verbose information. Default.
Shows whether tracing of modem settings and messages during a network connection is enabled.
»netsh »ras »diagnostics »show »modemtracing
C:\Windows>netsh ras diagnostics show modemtracing ? Usage: show modemtracing Shows whether tracing of modem settings and messages during a network connection is enabled.
Shows whether extended tracing is enabled for components.
»netsh »ras »diagnostics »show »rastracing
C:\Windows>netsh ras diagnostics show rastracing ? show rastracing [ [component = ] component ] Shows whether tracing for the given component is enabled. If no component is specified, shows the state of all components. component - the component
Shows whether Security Event Logs are enabled.
»netsh »ras »diagnostics »show »securityeventlog
C:\Windows>netsh ras diagnostics show securityeventlog ? Usage: show securityeventlog Shows whether logging of Security Events is enabled.
Shows whether extended tracing is enabled for all components.
»netsh »ras »diagnostics »show »tracefacilities
C:\Windows>netsh ras diagnostics show tracefacilities ? Usage: show tracefacilities Shows whether extended tracing is enabled for all components.
Displays a configuration script.
»netsh »ras »dump
C:\Windows>netsh ras dump ? Usage: dump Remarks: Creates a script that contains the current configuration. If saved to a file, this script can be used to restore altered configuration settings.
Displays a list of commands.
»netsh »ras »help
C:\Windows>netsh ras help ? Usage: help Remarks: Displays a list of commands.
Changes to the `netsh ras ip' context.
»netsh »ras »ip
C:\Windows>netsh ras ip ? The following commands are available: Commands in this context: ? - Displays a list of commands. add - Adds items to a table. delete - Removes items from a table. dump - Displays a configuration script. help - Displays a list of commands. set - Sets configuration information. show - Displays information. To view help for a command, type the command, followed by a space, and then type ?.
Adds items to a table.
»netsh »ras »ip »add
C:\Windows>netsh ras ip add ? The following commands are available: Commands in this context: add range - Adds a range to the static IP address pool.
Adds a range to the static IP address pool.
»netsh »ras »ip »add »range
C:\Windows>netsh ras ip add range ? add range [from = ] from [to = ] to Adds a range to the static IP address pool that the Remote Access server uses. from - the starting IP address in the range in the form 'x.x.x.x' to - the ending IP address in the range in the form 'x.x.x.x'
Removes items from a table.
»netsh »ras »ip »delete
C:\Windows>netsh ras ip delete ? The following commands are available: Commands in this context: delete pool - Deletes all ranges from the static IP address pool. delete range - Deletes a range from the static IP address pool.
Deletes all ranges from the static IP address pool.
»netsh »ras »ip »delete »pool
C:\Windows>netsh ras ip delete pool ? delete pool Deletes all ranges from the static IP address pool.
Deletes a range from the static IP address pool.
»netsh »ras »ip »delete »range
C:\Windows>netsh ras ip delete range ? delete range [from = ] from [to = ] to Deletes a range from the static IP address pool that the Remote Access server uses. from - the starting IP address in the range in the form 'x.x.x.x' to - the ending IP address in the range in the form 'x.x.x.x'
Displays a configuration script.
»netsh »ras »ip »dump
C:\Windows>netsh ras ip dump ? Usage: dump Remarks: Creates a script that contains the current configuration. If saved to a file, this script can be used to restore altered configuration settings.
Displays a list of commands.
»netsh »ras »ip »help
C:\Windows>netsh ras ip help ? Usage: help Remarks: Displays a list of commands.
Sets configuration information.
»netsh »ras »ip »set
C:\Windows>netsh ras ip set ? The following commands are available: Commands in this context: set access - Sets whether clients are given access beyond the remote access server. set addrassign - Sets the method by which the Remote Access server assigns IP addresses to its clients. set addrreq - Sets whether clients can request their own IP addresses. set broadcastnameresolution - Sets whether to enable or disable broadcast name resolution using NetBIOS over TCP/IP. set negotiation - Sets whether IP is negotiated for client Remote Access connections. set preferredadapter - Specifies the preferred adapter for Routing and Remote Access Service.
Sets whether clients are given access beyond the remote
»netsh »ras »ip »set »access
C:\Windows>netsh ras ip set access ? Usage: set access [mode = ] ALL|SERVERONLY Parameters: mode - what type of access to grant ALL - clients are able to reach the remote access server and any networks to which it is connected. SERVERONLY - clients are able to reach the remote access server only. Remarks: Specifies whether IP network traffic from any client is forwarded to the network(s) to which the remote access server is connected.
Sets the method by which the Remote Access server
»netsh »ras »ip »set »addrassign
C:\Windows>netsh ras ip set addrassign ? set addrassign [method = ] AUTO|POOL Sets the method by which the Remote Access server assigns IP addresses to its clients. method - the method to use AUTO - automatically assigns IP addresses using DHCP. If no DHCP server is available, a random, private address is assigned. POOL - assigns IP address from the Remote Access server's pool.
Sets whether clients can request their own IP addresses.
»netsh »ras »ip »set »addrreq
C:\Windows>netsh ras ip set addrreq ? set addrreq [mode = ] ALLOW|DENY Specifies whether dialin clients are permitted to request their own IP addresses. mode - the mode ALLOW - allow clients to request their own IP addresses. DENY - don't allow clients to request their own IP addresses.
Sets whether to enable or disable broadcast
»netsh »ras »ip »set »broadcastnameresolution
C:\Windows>netsh ras ip set broadcastnameresolution ? set broadcastnameresolution [mode = ] ENABLED|DISABLED Specifies whether to enable or disable broadcast name resolution using NetBIOS over TCP/IP. mode - the mode ENABLED - enables broadcast name resolution using NetBIOS over TCP/IP. DISABLED - disables broadcast name resolution using NetBIOS over TCP/IP.
Sets whether IP is negotiated for client Remote Access connections.
»netsh »ras »ip »set »negotiation
C:\Windows>netsh ras ip set negotiation ? set negotiation [mode = ] ALLOW|DENY Specifies whether the Remote Access server will allow IP to be configured for any client connections it accepts. mode - the mode ALLOW - permit IP over client connections. DENY - do not permit IP over client connections.
Specifies the preferred adapter for Routing and Remote
»netsh »ras »ip »set »preferredadapter
C:\Windows>netsh ras ip set preferredadapter ? set preferredadapter[[name=] <interface_name> ] Specifies the preferred adapter for Routing and Remote Access Service name - name of the adapter in quoted string <interface_name> - Specifies that the adapter interface_name to be used to obtain the IP address for the allocation (If Configured to use DHCP) and the IP address of DHCP and WINS server for assignment to remote access clients and demand dial uses. No Argument - Default auto select setting. Specifies that RAS to select an adapter at random when Routing and Remote Access Service is started
Displays information.
»netsh »ras »ip »show
C:\Windows>netsh ras ip show ? The following commands are available: Commands in this context: show config - Displays current Remote Access IP configuration. show preferredadapter - Shows the preferred adapter for Routing and Remote Access Service.
Displays current Remote Access IP configuration.
»netsh »ras »ip »show »config
C:\Windows>netsh ras ip show config ? show config Displays current Remote Access IP configuration.
Shows the preferred adapter for Routing and Remote
»netsh »ras »ip »show »preferredadapter
C:\Windows>netsh ras ip show preferredadapter ? show preferredadapter Shows the preferred adapter for Routing and Remote Access Service
Changes to the `netsh ras ipv6' context.
»netsh »ras »ipv6
C:\Windows>netsh ras ipv6 ? The following commands are available: Commands in this context: ? - Displays a list of commands. dump - Displays a configuration script. help - Displays a list of commands. set - Sets configuration information. show - Displays information. To view help for a command, type the command, followed by a space, and then type ?.
Displays a configuration script.
»netsh »ras »ipv6 »dump
C:\Windows>netsh ras ipv6 dump ? Usage: dump Remarks: Creates a script that contains the current configuration. If saved to a file, this script can be used to restore altered configuration settings.
Displays a list of commands.
»netsh »ras »ipv6 »help
C:\Windows>netsh ras ipv6 help ? Usage: help Remarks: Displays a list of commands.
Sets configuration information.
»netsh »ras »ipv6 »set
C:\Windows>netsh ras ipv6 set ? The following commands are available: Commands in this context: set access - Sets whether clients are given access beyond the remote access server. set negotiation - Sets whether IPv6 is negotiated for client Remote Access connections. set prefix - Sets the prefix that RAS server uses. set routeradvertise - Configure the Router Advertisement option for IPv6 for the remote access server.
Sets whether clients are given access beyond the remote
»netsh »ras »ipv6 »set »access
C:\Windows>netsh ras ipv6 set access ? Usage: set access [mode = ] ALL|SERVERONLY Parameters: mode - what type of access to grant ALL - clients are able to reach the remote access server and any networks to which it is connected. SERVERONLY - clients are able to reach the remote access server only. Remarks: Specifies whether IPv6 network traffic from any client is forwarded to the network(s) to which the remote access server is connected.
Sets whether IPv6 is negotiated for client Remote Access connections.
»netsh »ras »ipv6 »set »negotiation
C:\Windows>netsh ras ipv6 set negotiation ? set negotiation [mode = ] ALLOW|DENY Specifies whether the Remote Access server will allow IPv6 to be configured for any client connections it accepts. mode - the mode ALLOW - permit IPv6 over client connections. DENY - do not permit IPv6 over client connections.
Sets the prefix that RAS server uses.
»netsh »ras »ipv6 »set »prefix
C:\Windows>netsh ras ipv6 set prefix ? set prefix [ prefix= ] <IPv6 Prefix> Sets the static IPv6 prefix that the Remote Access server uses to advertise to the clients. <IPv6 Prefix> - the IPv6 prefix in the form 'x:x:x:x::'
Configure the Router Advertisement option for IPv6 for
»netsh »ras »ipv6 »set »routeradvertise
C:\Windows>netsh ras ipv6 set routeradvertise ? Usage: set routeradvertise [mode= ] ENABLE|DISABLE Parameters: mode - Specifies the mode for routeradvertise option on this server. ENABLE - Enable the routeradvertise option DISABLE - Disable the routeradvertisement option Remarks: A default route is a route for the zero-length prefix A computer that is being used as an IPv6 router will not advertise itself as a default router unless it is configured with a default route (::/0) that is configured to be published.
Displays information.
»netsh »ras »ipv6 »show
C:\Windows>netsh ras ipv6 show ? The following commands are available: Commands in this context: show config - Displays current Remote Access IPv6 configuration.
Displays current Remote Access IPv6 configuration.
»netsh »ras »ipv6 »show »config
C:\Windows>netsh ras ipv6 show config ? show config Displays current Remote Access IPv6 configuration.
Sets configuration information.
»netsh »ras »set
C:\Windows>netsh ras set ? The following commands are available: Commands in this context: set authmode - Sets the authentication mode. set client - Reset the statistics or disconnect a Remote Access Client. set conf - Sets the configuration state of the server. set ikev2connection - Sets the idle timeout and network outage time values for IKEv2 connections. set ikev2saexpiry - Sets the IKEv2 Security Association's expiration controls. set portstatus - Resets the statistics information of RAS ports. set sstp-ssl-cert - Sets the current SSTP Certificate configuration set type - Sets the Router and RAS functionalities of the computer. set user - Sets the Remote Access properties of a user. set wanports - Sets the RAS WAN ports options.
Sets the authentication mode.
»netsh »ras »set »authmode
C:\Windows>netsh ras set authmode ? set authmode [mode = ] STANDARD|NODCC|BYPASS Sets the mode that determines whether and when dialin clients should be authenticated. mode - The mode STANDARD - All devices need to be authenticated. NODCC - Direct-connect devices are not authenticated. BYPASS - Authentication is not required for any device.
Reset the statistics or disconnect a Remote Access Client.
»netsh »ras »set »client
C:\Windows>netsh ras set client ? set client [name=] <str_clientname> [state=] disconnect | resetstats name - The user name of the client to disconnect or reset statistics state - Action to perform disconnect - Disconnect the specified user resetstats - Reset the statistics for the specified user
Sets the configuration state of the server.
»netsh »ras »set »conf
C:\Windows>netsh ras set conf ? set conf [confstate=] ENABLED|DISABLED Sets the configuration state of the server. confstate - The new state of the server : ENABLED - Enable the server. DISABLED - Disable the server and remove configurations.
Sets the idle timeout and network outage time values for IKEv2 connections.
»netsh »ras »set »ikev2connection
C:\Windows>netsh ras set ikev2connection ? set ikev2connection [ [idletimeout=] <idle_timeout> ] [ [nwoutagetime=] <nw_outage_time> ] Sets the idle timeout and network outage time values for IKEv2 client connections. idletimeout - Specify the idle timeout in minutes for IKEv2 client connections. This value is used to disconnect IKEv2 connections in case the client machine is idle. (minimum - 5 mins,maximum - 2879 mins(less than 48 hours)) nwoutagetime - Specify the network outage time value in minutes for IKEv2 client connections.(minimum 2 minutes)
Sets the IKEv2 Security Association's expiration controls.
»netsh »ras »set »ikev2saexpiry
C:\Windows>netsh ras set ikev2saexpiry ? set ikev2saexpiry [ [saexpirytime=] <sa_expiry_time> ] [ [sadatasizelimit=] <sa_datasize_limit> ] Sets the IKEv2 Security Association's expiration controls. saexpirytime - Specify the SA expiry value in minutes for IKEv2 client connections. (minimum - 5 mins,maximum - 2879 mins(less than 48 hours)) sadatasizelimit - Specify the SA datasize limit in MB.(minimum 1 MB)
Resets the statistics information of RAS ports.
»netsh »ras »set »portstatus
C:\Windows>netsh ras set portstatus ? set portstatus [ [name=] <port_name> ] Resets the statistics information of RAS ports. name - Name of the port. If none specified, resets statistics of all active ports.
Sets the current SSTP Certificate configuration
»netsh »ras »set »sstp-ssl-cert
C:\Windows>netsh ras set sstp-ssl-cert ? set sstp-ssl-cert [[name=] certname] [[hash=] hash] Set the current SSTP Certificate configuration. name - Specify the certificate name which should be used by SSTP hash - Specify the SHA-1 hash of the certificate which should be used by SSTP Example: Below Command set the SSTP to use certificate named Verisign netsh ras>set sstp-ssl-cert name=VeriSign OR Below Cmmand reset the SSTP Certificate configuration to default netsh ras>set sstp-ssl-cert name=default OR Below Cmmand set the SSTP to used certificate whose hash is provided netsh ras>set sstp-ssl-cert hash=4463c531d7ccc1006794612bb656d3bf8257846f
Sets the Router and RAS functionalities of the computer.
»netsh »ras »set »type
C:\Windows>netsh ras set type ? set type [ipv4rtrtype=] lanonly | lananddd | none [ipv6rtrtype=] lanonly | lananddd | none [rastype=] IPv4 | IPv6 | BOTH | NONE Sets the Router and RAS functionalities of the computer. ipv4rtrtype - Whether this computer is configured as IPv4 Router. LANONLY - Specifies that this computer is a LAN - only router and does not require Demand Dial or VPN connections. LANANDDD - Specifies that this computer is a LAN and Demand Dial router and supports VPN connections. NONE - Specifies that this computer is not enabled as a IPv4 router. ipv6rtrtype - Whether this computer is configured as IPv6 Router. LANONLY - Specifies that this computer is a LAN - only router and does not require Demand Dial or VPN connections. LANANDDD - Specifies that this computer is a LAN and Demand Dial router and supports VPN connections. NONE - Specifies that this computer is not enabled as a IPv6 router. rastype - Whether this computer is configured as Remote Access Server. IPv4 - Configured for IPv4. IPv6 - Configured for IPv6. BOTH - Configured for both IPv4 and IPv6. NONE - Not configured as a Remote Access Server.
Sets the Remote Access properties of a user.
»netsh »ras »set »user
C:\Windows>netsh ras set user ? set user [name = ] username [dialin = ] PERMIT|DENY|POLICY [ [cbpolicy = ] NONE|CALLER|ADMIN [cbnumber = ] callback number ] Sets user Remote Access properties. username - the user's logon name. dialin - whether the user will be allowed to dial in PERMIT - allow the user to dial in. DENY - do not allow the user to dial in. POLICY - use remote access policies to determine dialin. cbpolicy - the callback policy of the user. The callback feature is used to save the caller the cost of the phone call. NONE - callback is not allowed for the user CALLER - user can specify callback number at call time ADMIN - always call the user at the callback number cbnumber - the number to use when cbpolicy is ADMIN NOTE: The 'POLICY' option is not available for users that belong to a mixed-mode domain. For these users, 'POLICY' is assumed to mean 'DENY'.
Sets the RAS WAN ports options.
»netsh »ras »set »wanports
C:\Windows>netsh ras set wanports ? set wanports [device=] <devicename> [ [rasinonly=] enabled | disabled ] [ [ddinout=] enabled | disabled ] [ [ddoutonly=] enabled | disabled ] [ [phone=] <phonenumber> ] [ [maxports=] <numports> ] Sets the RAS WAN ports options. device - The device name of the port rasinonly - Inbound remote access connection ddinout - Demand dial in/outbound routing connection ddoutonly - Demand dial outbound routing connection phone - Phone number for the device. This will be a string taking phone number or VPI/VCI or IP address value maxports - Maximum number of ports for the device Example: netsh>ras set wanports device="WAN Miniport (PPTP)" rasinonly = enabled ddinout = enabled ddoutonly = disabled phone ="33525552" maxports=20 netsh>ras set wanports device="Standard 56000 bps Modem" rasinonly = disabled ddinout = enabled ddoutonly = disabled phone="9140559676"
Displays information.
»netsh »ras »show
C:\Windows>netsh ras show ? The following commands are available: Commands in this context: show activeservers - Listens for Remote Access server advertisements. show authmode - Shows the authentication mode. show authtype - Displays the authentication types currently enabled. show client - Shows Remote Access clients connected to this machine and their status. show conf - Shows the configuration state of the server. show ikev2connection - Shows the idle timeout and network outage time values for IKEv2 connections. show ikev2saexpiry - Shows the IKEv2 Security Association's expiration controls. show link - Shows the link properties PPP will negotiate show multilink - Shows the multilink types PPP will negotiate show portstatus - Shows the current status of RAS ports. show registeredserver - Displays whether a computer is registered as a Remote Access server in the Active Directory of the given domain. show sstp-ssl-cert - Shows the current SSTP Certificate configuration show status - Shows the status of the Routing and Remote Access Server. show type - Shows the Router and RAS functionalities of the computer. show user - Displays Remote Access properties for a user(s). show wanports - Shows the options set for RAS WAN ports.
Listens for Remote Access server advertisements.
»netsh »ras »show »activeservers
C:\Windows>netsh ras show activeservers ? show activeservers Listens for Remote Access server advertisements.
Shows the authentication mode.
»netsh »ras »show »authmode
C:\Windows>netsh ras show authmode ? show authmode Shows the authentication mode.
Displays the authentication types currently enabled.
»netsh »ras »show »authtype
C:\Windows>netsh ras show authtype ? show authtype Displays the authentication type(s) currently enabled.
Shows Remote Access clients connected to this machine
»netsh »ras »show »client
C:\Windows>netsh ras show client ? show client [[name=]<str_clientname>] Shows Remote Access clients connected to this machine or their status. Parameters None - Shows Remote Access clients connected to this machine. name - Shows the status of a given client connected to the machine. If this parameter is "*" , enumerates status of all clients.
Shows the configuration state of the server.
»netsh »ras »show »conf
C:\Windows>netsh ras show conf ? show conf Shows the configuration state of the server.
Shows the idle timeout and network outage time values for IKEv2 connections.
»netsh »ras »show »ikev2connection
C:\Windows>netsh ras show ikev2connection ? Shows the idle timeout and network outage time values for IKEv2 client connections. idletimeout - Shows the idle timeout in minutes for IKEv2 client connections. This value is used to disconnect IKEv2 connections in case the client machine is idle. nwoutagetime - Shows the network outage time value in minutes for IKEv2 client connections.
Shows the IKEv2 Security Association's expiration controls.
»netsh »ras »show »ikev2saexpiry
C:\Windows>netsh ras show ikev2saexpiry ? Shows the IKEv2 Security Association's expiration controls. saexpirytime - Shows the SA expiry value in minutes for IKEv2 client connections. sadatasizelimit - Shows the SA datasize limit in MB.
Shows the link properties PPP will negotiate
»netsh »ras »show »link
C:\Windows>netsh ras show link ? show link Shows the link properties PPP will negotiate.
Shows the multilink types PPP will negotiate
»netsh »ras »show »multilink
C:\Windows>netsh ras show multilink ? show multilink Shows the multilink types PPP will negotiate.
Shows the current status of RAS ports.
»netsh »ras »show »portstatus
C:\Windows>netsh ras show portstatus ? show portstatus [ name=<port_name> ] [ state=<enum> ] Shows the current status of RAS ports. name - Name of the port whose status to display state - Display ports with the specified state : nonoperational - Non operational ports disconnected - Disconnected ports callingback - Ports calling back listening - Ports listening authenticating - Ports authenticating connected - Authenticated and connected ports initializing - Ports initializing Example: netsh ras> show portstatus name=VPN0-127 netsh ras> show portstatus state=connected \
Displays whether a computer is registered as a
»netsh »ras »show »registeredserver
C:\Windows>netsh ras show registeredserver ? show registeredserver [ [domain = ] domain [server = ] server ] Displays whether the given computer is registered as a Remote Access server in the given domain. server - the computer name of the computer in question. If no server is specified the computer from which the command is issued is assumed. domain - the domain. If no domain is provided, the primary domain of the computer from which the command is issued is assumed.
Shows the current SSTP Certificate configuration
»netsh »ras »show »sstp-ssl-cert
C:\Windows>netsh ras show sstp-ssl-cert ? Shows the current SSTP Certificate configuration Friendly name - Certificate Friendly name Display name - Display Friendly name Issuer - Certificate is issued by this authority Expiry timestamp - Certificate is valid till this timestamp
Shows the status of the Routing and Remote Access Server.
»netsh »ras »show »status
C:\Windows>netsh ras show status ? show status Shows the status of a Routing and Remote Access Server
Shows the Router and RAS functionalities of the computer.
»netsh »ras »show »type
C:\Windows>netsh ras show type ? show type\ Shows the Router and RAS functionalities of the computer.
Displays Remote Access properties for a user(s).
»netsh »ras »show »user
C:\Windows>netsh ras show user ? show user [ [name = ] username [mode = ] PERMIT|REPORT ] Displays user Remote Access properties. username - the user's logon name. If none is supplied, all users will be displayed. mode - the mode for showing information. If no mode is specified, REPORT is assumed. REPORT - show all users. PERMIT - show only users whose dial in permission is PERMIT
Shows the options set for RAS WAN ports.
»netsh »ras »show »wanports
C:\Windows>netsh ras show wanports ? show wanports [ [device=] <devicename> ] Shows the options set for a RAS WAN port. devicename - The device name of the port Example: netsh ras> show wanports netsh ras> show wanports device="WAN Miniport (PPTP)"
- de -/- en -