Netsh Routing IP NAT Context Commands

The following commands are specific to the routing IP NAT context within the Netsh environment.

To view the command syntax, click a command:

Add commands

Delete commands

Set commands

Show commands

Netsh commands for routing IP NAT

The following entries provide details for each command.

dump

Displays the Network Address Translation (NAT) configuration of a remote access server in script form.

Syntax

dump

Remarks

  • You can dump the contents of the current configuration to a file that can be used to restore altered configuration settings.

Example

The following is the command to save the current configuration as a script in the routingipnat.dmp file.

dump > routingipnat.dmp

add addressmapping

Adds an IP address mapping to the Network Address Translation (NAT) address pool for the specified interface.

Syntax

add addressmapping

[name=] InterfaceName

[public=] IPAddress

[private=] IPAddress

[inboundsessions=] {enable | disable}

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface on which you want to use network address translation. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[public=] IPAddress


Required. Specifies the IP address used on a public network.
[private=] IPAddress


Required. Specifies the IP address in the pooled range of addresses available for use on the private network.
[inboundsessions=] {enable | disable}


Required. Specifies whether inbound sessions are enabled or disabled. The enable parameter specifies that inbound sessions are enabled. The disable parameter specifies that inbound sessions are disabled.

Example

To map the public IP address 11.11.11.1 to the private IP address 10.10.10.1 and to disable inbound sessions for this NAT table mapping, type:

add addressmapping name="Local Area Connection" 11.11.11.1 10.10.10.1 disable

add addressrange

Adds an address range to the Network Address Translation (NAT) address pool for the specified interface.

Syntax

add addressrange

[name=] InterfaceName

[start=] IPAddress

[end=] IPAddress

[mask=] SubnetMask

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface to whose address pool you want to add an address range.
[start=] IPAddress


Required. Specifies the starting IP address for the address range.
[end=] IPAddress


Required. Specifies the ending IP address for the address range.
[mask=] SubnetMask


Required. Specifies the IP subnet mask associated with the network range bounded by the start and end IP addresses.

Example

To add an address range to the NAT address pool with addresses 10.10.10.1 to 10.10.10.254 and a subnet mask of 255.255.255.0, type:

add addressrange name="Local Area Connection" 10.10.10.1 10.10.10.254 255.255.255.0

add ftp

Enables the FTP proxy on the Network Address Translation (NAT) server.

Syntax

add ftp

add interface

Configures Network Address Translation (NAT) on the specified interface.

Syntax

add interface

[name=] InterfaceName

[[mode=] {full | addressonly | private}]

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface on which you want to configure NAT. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[[mode=] {full | addressonly | private}]


Specifies whether the interface uses full, addressonly, or private mode. The full parameter specifies full (address and port) translation mode is enabled. The addressonly parameter specifies address-only translation mode is enabled. The private parameter specifies private mode is enabled.

Example

To add NAT with address and port translation enabled on the Local Area Connection interface, type:

add interface "Local Area Connection" full

add portmapping

Adds a protocol port mapping on the Network Address Translation (NAT)-enabled interface.

Syntax

add portmapping

[name=] InterfaceName

[proto=] {tcp | udp}

[publicip=] {IPAddress | 0.0.0.0}

[publicport=] Integer

[privateip=] IPAddress

[privateport=] Integer

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to add a port mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[proto=] {tcp | udp}


Required. Specifies whether the protocol type is set to TCP or UDP.
[publicip=] {IPAddress | 0.0.0.0}


Required. Specifies an external IP address on the public network or 0.0.0.0 to indicate any IP address not specified within the private network address range.
[publicport=] Integer


Required. Specifies the public protocol port by using a number from zero to 9999.
[privateip=] IPAddress


Required. Specifies an IP address within the private network range.
[privateport=] Integer


Required. Specifies the private protocol port by using a number from zero to 9999.

Example

To add a port mapping of protocol type tcp, public port 80, private ip 10.0.0.1, private port 80, to any public IP address not specified within the private network address range, type:

add portmapping name="Local Area Connection" tcp 0.0.0.0 80 10.0.0.1 80

delete addressmapping

Deletes an address mapping from the Network Address Translation (NAT) address pool for the specified interface.

Syntax

delete addressmapping

[name=] InterfaceName

[[public=] IPAddress]

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to delete an address mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[[public=] IPAddress]


Specifies the IP address to be deleted. If you do not specify an address, all address mappings from the NAT address pool are deleted from the interface.

Example

To delete 11.11.11.1 from the NAT interface address pool, type:

delete addressmapping "Local Area Connection" 11.11.11.1

delete addressrange

Deletes an address range from the Network Address Translation (NAT) address pool for the specified interface.

Syntax

delete addressrange

[InterfaceName=] InterfaceName

[start=] IPAddress

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface from which you want to delete an address range. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[start=] IPAddress


Required. Specifies the starting IP address of the range you want to delete.

Example

To delete an address range from the NAT address pool with address 10.10.10.1, type:

delete addressrange name="Local Area Connection" 10.10.10.1

delete ftp

Disables the FTP proxy on the Network Address Translation (NAT) server.

Syntax

delete ftp

delete interface

Removes Network Address Translation (NAT) from the specified interface.

Syntax

delete interface

[name=] InterfaceName

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to remove the use of NAT. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

Example

To remove NAT from the Local Area Connection interface, type:

delete interface "Local Area Connection"

delete portmapping

Deletes a protocol port mapping from the specified Network Address Translation (NAT)-enabled interface.

Syntax

delete portmapping

[name=] InterfaceName

[[proto=] {tcp | udp}]

[publicip=] {IPAddress | 0.0.0.0}]

[[publicport=] Integer]

[[privateip=] IPAddress]

[privateport=] Integer]

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to delete a port mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[[proto=] {tcp | udp}]


Specifies the protocol type. The tcp parameter specifies that the protocol type is Transmission Control Protocol. The udp parameter specifies that the protocol type is User Datagram Protocol.
[[publicip=] {IPAddress | 0.0.0.0}]


Specifies an external IP address on the public network or 0.0.0.0 to indicate any IP address not specified within the private network address range.
[[publicport=] Integer]


Specifies the public protocol port by using a number from zero to 9999.
[[privateip=] IPAddress]


Specifies an IP address within the private network range.
[[privateport=] Integer]


Specifies the private protocol port by using a number from zero to 9999.

Example

To remove a port mapping from a NAT-enabled interface, type:

delete portmapping name="Local Area Connection" tcp 0.0.0.0 80

set global

Sets global parameters for Network Address Translation (NAT).

Syntax

set global

{[[tcptimeoutmins=] Integer] | [[udptimeoutmins=] Integer] | [[loglevel=] {none | error | warn | info}]}

Parameters

{[[tcptimeoutmins=] Integer]


Specifies, in minutes, the timeout value for TCP mappings.
[[udptimeoutmins=] Integer]


Specifies, in minutes, the timeout value for UDP mappings.
[[loglevel=] {none | error | warn | info}]}


Specifies which events should be logged. The none parameter specifies that no events related to NAT should be logged. The error parameter specifies that only errors related to NAT should be logged. The warn parameter specifies that only warnings related to NAT should be logged. The info parameter specifies that all events related to NAT should be logged.

Example

To set global NAT parameters to be 1 day (1440 minutes) for TCP mappings timeout, 1 minute for UDP mappings timeout, and NAT error logging, type:

set global tcptimeoutmins=1440 udptimeoutmins=1 loglevel=error

set interface

Configure Network Address Translation (NAT) parameters for the specified interface.

Syntax

set interface

[name=] InterfaceName

[mode=] {full | addressonly | private}

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to configure parameters. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").
[mode=] {full | addressonly | private}


Required. Specifies whether the interface should be enabled for full, addressonly, or private mode. The full parameter specifies full (address and port) translation mode is enabled. The addressonly parameter specifies address-only translation mode is enabled. The private parameter specifies private mode is enabled.

Example

To configure NAT with address and port translation enabled on the Local Area Connection interface, type:

set interface "Local Area Connection" full

show global

Displays Network Address Translation (NAT) global configuration.

Syntax

show global

show interface

Displays Network Address Translation (NAT) configuration for the specified interface. Used without parameters, show interface displays NAT configuration information for all interfaces.

Syntax

show interface

[name=] InterfaceName

Parameters

[name=] InterfaceName


Required. Specifies, by name, the interface for which you want to display information. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

install

Installs the routing protocol under IP.

Syntax

install

uninstall

Removes the routing protocol corresponding to the current context.

Syntax

uninstall