Windows netsh networking

From Ever changing code
Jump to navigation Jump to search

Examples of use of netsh.exe Windows command-line utility to manipulate local or remote machine network configuration

List IPv4 and IPv6 addresses

It gives nicer output than ipconfig 

netsh interface ip show addresses
netsh interface ipv6 show addresses

Set IPv4 address

netsh interface ip set address "Ethernet" static hostipaddress 255.255.255.0 hostgatewayaddress
netsh interface ip set address "Ethernet" static 10.50.10.41 255.255.255.0 10.50.41.1

Set IPv6 address

Configure interface with ipv6 address, interface name "Local Area Connection" 

netsh interface ipv6 set address "Local Area Connection" 2001:db8:acad:1::3

Import wireless profile

Export profile
Netsh wlan export profile folder= PathAndFileName [[name=] ProfileName] 	[[interface=] InterfaceName] [[key=] clear]
Netsh wlan export profile folder=%USERPROFILE%\Downloads\Wifiprofiles name=Guest_wireless interface="Wireless Network Connection"
Import profile
Netsh wlan add profile filename= PathAndFileName [[interface=]InterfaceName] [[user=]{all|current}]
Netsh wlan add profile filename="Wireless Network Connection-Guest_wireless.xml" interface="Wireless Network Connection" user=all

Check wireless card band capability - 2.4Ghz or 5Ghz

OS: Windows 7, not recognized on W2012R2 Data Center 

netsh wlan show drivers
Netsh-wlan-bands
  • If the network adapter supports network modes 802.11g and 802.11n:
    • The computer has 2.4 GHz network capability ONLY & IS NOT Dual-Band Capable.
  • If the network adapter supports network modes 802.11a and 802.11g and 802.11ac and 802.11n:
    • The computer has 2.4 GHz and 5GHz network capability IS Dual-Band Compable.
  • The network adapter supports network modes 802.11n and 802.11g and 802.11b:
    • The computer has 2.4GHz network capability ONLY & IS NOT Dual-Band Capable.

Firewall

netsh firewall command has been deprecated in Windows Server 2012 in favour of a new command netsh advfirewall firewall.

Show all rules

netsh advfirewall firewall show rule name=all

Enable/disable firewall

netsh advfirewall set allprofiles state on

Reset a firewall to defaults

netsh advfirewall reset

Set firewall log file from default \Windows\system32\LogFiles\Firewall\pfirewall.log to eg. C:\temp directory

netsh advfirewall set currentprofile logging filename "C:\temp\pfirewall.log"

Export / import FW settings

netsh advfirewall export "C:\temp\WFconfiguration.wfw"

ICMP settings

netsh firewall set icmpsetting 8 enable|disable
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow|block
netsh advfirewall firewall delete rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in 

netsh firewall set icmpsetting type=ALL mode=enable
netsh advfirewall firewall add rule name="All ICMP V4" protocol=icmpv4:any,any dir=in action=allow

netsh firewall set icmpsetting 13 disable all
netsh advfirewall firewall add rule name="Block Type 13 ICMP V4" protocol=icmpv4:13,any dir=in action=block

Tracing

References

Netsh tracing isc.sans.edu

Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=Windows_netsh_networking&oldid=1777