Network shell (netsh) is a command-line utility that allows you to configure and display the status of various network communications server roles and components after they are installed on computers running Windows® 7, Windows Server® 2008 R2, Windows Vista®, or Windows Server® 2008.
Some client technologies, such as Network Access Protection (NAP) client, also provide netsh commands that allow you to configure client computers running Windows 7 or Windows Vista.
In most cases, netsh commands provide the same functionality that is available when using the Microsoft Management Console (MMC) snap-in for each server role or component. In addition, there are netsh commands for network functionality, such as for IPv6, network bridge, and remote procedure call (RPC), that are not available in the user interface as an MMC snap-in.
You can use netsh commands to configure and display the status of network components on the local computer and on remote computers.
In addition, netsh commands can be run manually by typing commands at the netsh prompt and they can be run in batch files and scripts.
Netsh commands are organized in a hierarchy of contexts. Each network technology with netsh command functionality has its own context. For example, the netsh context for remote access service is ras.
Network communications technologies that provide netsh functionality
Netsh functionality is provided for some server roles, role services, features, and technologies.
Server roles and role services
The following server roles provide netsh command functionality:
- The Dynamic Host Configuration Protocol
(DHCP) server role. After installing the DHCP server role, you can
configure the DHCP server by using the commands at the netsh dhcp
context. The context for DHCP is netsh dhcp.
- The Network Policy and Access Services server
role. This server role provides netsh functionality for the
following role services after the role services are installed:
- Health Registration Authority (HRA). The
context for HRA is netsh nap hra.
- Network Policy Server (NPS). The context for
NPS is netsh nps.
- Routing and Remote Access. The contexts for
Routing and Remote Access are netsh routing and netsh
- Health Registration Authority (HRA). The context for HRA is netsh nap hra.
Features and other network communications technologies
The following features provide netsh command functionality:
- Windows Internet Name Service (WINS). The
context for WINS is netsh wins.
The following network communications technologies provide netsh functionality:
- DHCP client. The context for DHCP client is
- Firewall. See Windows Firewall with Advanced
- Hypertext Transfer Protocol (HTTP). The
context for HTTP is netsh http.
- Internet Authentication Service. IAS is
renamed to Network Policy Server (NPS), and the context for NPS is
- Internet Protocol version 4 (IPv4). The
context for IPv4 is netsh interface ip.
- Internet Protocol version 6 (IPv6). The
context for IPv6 is netsh interface ipv6.
- IPv4 and IPv6 network and application proxy.
The context for the IPv4 and IPv6 network and application proxy is
netsh interface portproxy.
- Internet Protocol security (IPsec). The
context for IPsec is netsh ipsec.
Important The ipsec context is provided for backwards compatibility only. Use the advfirewall consec context instead.
- Local Area Network. See Wired Local Area
- Network Access Protection (NAP). The context
for NAP client is netsh nap. In addition, NPS provides netsh
commands at the netsh nps context that allow you to
configure NPS as a NAP policy server.
- Network Bridge. The context for network
bridge is netsh bridge.
- Network input output (netio). The context for
netio is netsh netio.
- Remote Procedure Call (RPC). The context for
RPC is netsh rpc.
- Windows Firewall. The context for Windows
Firewall is netsh firewall.
Important The firewall context is provided for backwards compatibility only. Use the advfirewall firewall context instead.
- Windows Firewall with Advanced Security. The
context for Windows Firewall with Advanced Security is netsh
- Windows HTTP. The context for Windows HTTP is
- Windows Sockets (winsock). The context for
Windows Sockets is netsh winsock.
- Wired Local Area Network (LAN). The context
for wired LAN is netsh lan.
- Wireless LAN. The context for wireless LAN is
The following sections provide information about the netsh commands and their use, including a comprehensive command reference with syntax and parameters for all commands.