Network Configuration Tasks with Netsh

Simple commands to manage Windows Firewall, network adapters, and other system configurations

Michael Otey

November 5, 2009

3 Min Read
ITPro Today logo in a gray background | ITPro Today

Netsh is a powerful and indispensible command-line tool for updating Windows network configuration settings. However, the variety of options available with Netsh can make it confusing to work with. In this column, I'll show you ten ready-to-use examples of Netsh commands for some of the most widely used network functions. For more information about Netsh, you can download "Windows Server 2008 Network Shell (Netsh) Technical Reference" from the Microsoft Download Center.

10. Show the system's current IP configuration—You can use the following command to see if the system is using DHCP or static addressing as well as to show the system's current IP address, submask, gateway address, and DNS server:

netsh interface ip show config 

9. Configure a remote system—One of the best features of the Netsh command is its ability to work with remote systems as easily as it can local systems. The set machine command changes the computer that the Netsh command operates on to a different system on the network. For this command to work, you need to be logged on with an account that has administrative rights on the remote system:

netsh set machine win2008-2 

8. Working with IPv6—Netsh commands work with both Windows IPv4 and IPv6 network stacks. To display your system's IPv6 address, use the following Netsh command:

netsh interface ipv6 show address 

7. Enable and disable Windows Firewall—Netsh can work with the built-in Windows Firewall. With the release of Windows Server 2008, the older Netsh firewall commands have been deprecated and replaced by the advfirewall commands. The following commands show how to disable then re-enable the Windows Firewall:

netsh advfirewall set currentprofile state off
netsh advfirewall set currentprofile state on 

6. Open a firewall port—You can also use Netsh to open ports in the firewall for various applications. The following example shows how to open TCP port 1434 for Microsoft SQL Server access:

netsh advfirewall firewall
  add rule name="SQL Server"
  dir=in action=allow
  protocol=TCP localport=1434 

5. Display network adapters and their status—Many of the Netsh configuration commands require you to supply the name of the interface that you want to configure. The default value is usually Local Area Connection, but many administrators and users change this value. To find the name of the system's network adapters or a system's wireless network adapters, use the following commands:

netsh interface show interface
netsh wlan show interface 

4. Configure a network adapter to use a static IP address—The following example shows how you use Netsh to set the IP address of the network adapter named Local Area Connection to 192.168.0.100, the subnet mask to 255.255.255.0, and the gateway address to 192.168.0.254:

netsh interface ip
  set address "Local Area Connection"
  static 192.168.0.100
  255.255.255.0 192.168.0.254 1 

3. Configure a network adapter with the address of a DNS server—When you change the system's IP address type to static, you typically need to change the DNS configuration as well. This example shows how you use Netsh to configure the Local Area Connection to use a DNS server with the address 192.168.0.2:

netsh interface ip
  set dns "Local Area Connection"
  static 192.168.0.2 

2. Add a second DNS server to a network adapter's configuration—Many networks use multiple DNS servers. To add a secondary DNS server with the address 192.168.0.3, use the following command:

netsh interface ip
  add dnsserver "Local Area Connection"
  192.168.0.3 

1. Set a network adapter to use a DHCP-assigned IP address—You can also use Netsh to set your system's network adapter to use a DHCP server for its IP address and to dynamically obtain the address of your network's DNS servers. The following Netsh command configures your network adapter to use DHCP and DNS:

netsh interface ip
 set dns "Local Area Connection" dhcp 
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like