The following commands are specific to the ras AAAA context within the Netsh environment.

To view the command syntax, click a command:

Add commands

Delete commands

Set commands

Show commands

Netsh commands for ras AAAA

The following entries provide details for each command.

dump

Displays the AAAA configuration of a remote access server in script form.

Syntax

dump

Remarks

  • You can dump the contents of the current configuration to a file that can be used to restore altered configuration settings.

Example

The following is the command to save the current configuration as a script in the rasaaaacfg.dmp file.

dump > rasaaaacfg.dmp

add acctserver

Specifies the IP address or the Domain Name System (DNS) name of a RADIUS server to use for accounting.

Syntax

add acctserver

[name=] ServerID

[[secret=] SharedSecret]

[[init-score=] ServerPriority]

[[port=] Port]

[[timeout=] Seconds]

[[messages] {enabled | disabled}]

Parameters

[name=] ServerID


Required. Specifies, by IP address or DNS name, the RADIUS server.
[[secret=] SharedSecret]


Specifies the preshared key.
[[init-score=] ServerPriority]


Specifies the initial score (server priority).
[[port=] Port]


Specifies the port to which accounting requests should be sent.
[[timeout=] Seconds]


Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
[[messages] {enabled | disabled}]


Specifies whether to send accounting on/off messages. The enabled parameter specifies that messages should be sent. The disabled parameter specifies that messages should not be sent.

delete acctserver

Deletes a RADIUS accounting server.

Syntax

delete acctserver

[name=] ServerID

Parameters

[name=] ServerID


Required. Specifies, by DNS name or IP address, which server to delete.

set acctserver

Provides the IP address or the DNS name of a RADIUS server to use for accounting.

Syntax

add acctserver

[name=] ServerID

[[secret=] SharedSecret]

[[init-score=] ServerPriority]

[[port=] Port]

[[timeout=] Seconds]

[[messages] {enabled | disabled}]

Parameters

[name=] ServerID


Required. Specifies, by IP address or DNS name, the RADIUS server.
[[secret=] SharedSecret]


Specifies the preshared key.
[[init-score=] ServerPriority]


Specifies the initial score (server priority).
[[port=] Port]


Specifies the port on which to send the authentication requests.
[[timeout=] Seconds]


Specifies, in seconds, the amount of time that should elapse before the RADIUS server is marked unavailable.
[[messages=] {enabled | disabled}]


Specifies whether accounting on/off messages should be sent.

show acctserver

Displays detailed information about an accounting server. Used without parameters, show acctserver displays information about all configured accounting servers.

Syntax

show acctserver

[[name=] ServerID]

Parameters

[name=] ServerID


Specifies, by DNS name or IP address, the RADIUS server about which to display information.

add authserver

Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed.

Syntax

add authserver

[name=] ServerID

[[secret=] SharedSecret]

[[init-score=] ServerPriority]

[[port=] Port]

[[timeout=] Seconds]

[[signature] {enabled | disabled}]

Parameters

[name=] ServerID]


Required. Specifies, by IP address or DNS name, the RADIUS server.
[[secret=] SharedSecret]


Specifies the preshared key.
[[init-score=] ServerPriority]


Specifies the initial score (server priority).
[[port=] Port]


Specifies the port to which authentication requests should be sent.
[[timeout=] Seconds]


Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
[[signature] {enabled | disabled}]


Specifies whether to use digital signatures. The enabled parameter specifies that digital signatures should be used. The disabled parameter specifies that digital signatures should not be used.

delete authserver

Deletes a RADIUS authentication server.

Syntax

delete authserver

[name=]ServerID

Parameters

[name=] ServerID


Required. Specifies, by DNS name or IP address, which server to delete.

set authserver

Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed.

Syntax

set authserver

[name=] ServerID

[[secret=] SharedSecret]

[[init-score=] ServerPriority]

[[port=] Port]

[[timeout=] Seconds]

[[signature] {enabled | disabled}]

Parameters

[name=] ServerID]


Required. Specifies, by IP address or DNS name, the RADIUS server.
[[secret=] SharedSecret]


Specifies the preshared key.
[[init-score=] ServerPriority]


Specifies the initial score (server priority).
[[port=] Port]


Specifies the port on which to send the authentication requests.
[[timeout=] Seconds]


Specifies the amount of time, in seconds, that should elapse before the RADIUS server is marked unavailable.
[[signature=] { enabled | disabled}]


Specifies whether digital signatures should be used.

show authserver

Displays detailed information about an authentication server. Used without parameters, show authserver displays information about all configured authentication servers.

Syntax

show authserver

[[name=] ServerID]

Parameters

[[name=] ServerID]


Specifies, by DNS name or IP address, the RADIUS server about which to display information.

set accounting

Specifies the accounting provider.

Syntax

set accounting {windows | radius | none}

Parameters

{windows | radius | none}


Required. Specifies whether accounting should be performed and by which server. The windows parameter specifies that Windows security should perform accounting. The radius parameter specifies that a RADIUS server should perform accounting. The none parameter specifies that no accounting should be performed.

show accounting

Displays the accounting provider.

Syntax

show accounting

set authentication

Specifies the authentication provider.

Syntax

set authentication {windows | radius}

Parameters

{windows | radius}


Required. Specifies which technology should perform authentication. The windows parameter specifies that Windows security should perform authentication. The radius parameter specifies that a RADIUS server should perform authentication.

show authentication

Displays the authentication provider.

Syntax

show authentication

set ipsecpolicy

Sets the IPsec policy for the L2TP connection.

Syntax

set ipsecpolicy

[psk = ] {enabled | disabled}

[secret = ] SharedSecret

Parameters

[psk = ] {enabled | disabled}


Required. Specifies whether an L2TP connection can use a custom IPsec policy. The enabled parameter specifies that the IPsec policy is set to a custom IPsec policy using a preshared key. The disabled parameter specifies that the IPsec policy is set to certificate.
[secret = ] SharedSecret


Required when psk authentication is enabled. Specifies the preshared key to be used with the custom IPsec policy.

Example

The following sets the IPsec policy for the L2TP connection.

set ipsecpolicy psk=enabled secret="P@ssword"

show ipsecpolicy

Shows the IPsec policy for the L2TP connection.

Syntax

show ipsecpolicy

  • Netsh RAS Commands
  • Netsh RAS Diagnostic Context Commands