Network shell (netsh) is a command-line utility that allows you to configure and display the status of various network communications server roles and components after they are installed on computers running Windows Server® 2008.
Some client technologies, such as Network Access Protection (NAP) client, also provide netsh commands that allow you to configure client computers running Windows Vista®.
In most cases, netsh commands provide the same functionality that is available when using the Microsoft Management Console (MMC) snap-in for each server role or component. In addition, there are netsh commands for network functionality, such as for IPv6, network bridge, and remote procedure call (RPC), that are not available in the user interface as an MMC snap-in.
You can use netsh commands to configure and display the status of network components on the local computer and on remote computers.
In addition, netsh commands can be run manually by typing commands at the netsh prompt and they can be run in batch files and scripts.
Netsh commands are organized in a hierarchy of contexts. Each network technology with netsh command functionality has its own context. For example, the netsh context for remote access service is ras.
Network communications technologies that provide netsh functionality
Netsh functionality is provided for some server roles, role services, features, and technologies.
Server roles and role services
The following server roles provide netsh command functionality:
- The Dynamic Host Configuration Protocol (DHCP) server role.
After installing the DHCP server role, you can configure the DHCP
server by using the commands at the netsh dhcp context. The context
for DHCP is netsh dhcp.
- The Network Policy and Access Services server role. This server
role provides netsh functionality for the following role services
after the role services are installed:
- Health Registration Authority (HRA). The context for HRA is
netsh nap hra.
- Network Policy Server (NPS). The context for NPS is netsh
- Routing and Remote Access. The contexts for Routing and Remote
Access are netsh routing and netsh ras.
- Health Registration Authority (HRA). The context for HRA is netsh nap hra.
Features and other network communications technologies
The following features provide netsh command functionality:
- Windows Internet Name Service (WINS). The context for WINS is
The following network communications technologies provide netsh functionality:
- DHCP client. The context for DHCP client is netsh
- Firewall. See Windows Firewall and Windows Firewall with
- Hypertext Transfer Protocol (HTTP). The context for HTTP is
- Internet Authentication Service. IAS is renamed to Network
Policy Server (NPS), and the context for NPS is netsh
- Internet Protocol version 4 (IPv4). The context for IPv4 is
netsh interface ip.
- Internet Protocol version 6 (IPv6). The context for IPv6 is
netsh interface ipv6.
- IPv4 and IPv6 network and application proxy. The context for
the IPv4 and IPv6 network and application proxy is netsh
- Internet Protocol security (IPsec). The context for IPsec is
- Local Area Network. See Wired Local Area Network.
- Network Access Protection (NAP). The context for NAP client is
netsh nap. In addition, NPS provides netsh commands at the
netsh nps context that allow you to configure NPS as a NAP
- Network Bridge. The context for network bridge is netsh
- Network input output (netio). The context for netio is netsh
- Remote Procedure Call (RPC). The context for RPC is netsh
- Windows Firewall. The context for Windows Firewall is netsh
- Windows Firewall with Advanced Security. The context for
Windows Firewall with Advanced Security is netsh
- Windows HTTP. The context for Windows HTTP is netsh
- Windows Sockets (winsock). The context for Windows Sockets is
- Wired Local Area Network (LAN). The context for wired LAN is
- Wireless LAN. The context for wireless LAN is netsh
The following sections provide information about the netsh commands and their use, including a comprehensive command reference with syntax and parameters for all commands.