The following commands are specific to the ras AAAA context within the Netsh environment.
To view the command syntax, click a command:
Add commands
Delete commands
Set commands
Show commands
Netsh commands for ras AAAA
The following entries provide details for each command.
dump
Displays the AAAA configuration of a remote access server in script form.
Syntax
dump
Remarks
- You can dump the contents of the current
configuration to a file that can be used to restore altered
configuration settings.
Example
The following commands save the current configuration as a script in the c:\test\rasAAAAcfg.dmp file.
- From the command prompt:
netsh ras aaaa dump > c:\test\rasAAAAcfg.dmp
- From the netsh ras aaaa context prompt:
set file open c:\test\rasAAAAcfg.dmp
dump
set file close
You can use the netsh exec command to run the script created by the netsh dump command.
add acctserver
Specifies a RADIUS server to use for accounting.
Syntax
add acctserver
[ name = ] ServerID
[ [ secret = ] SharedSecret ]
[ [ init-score = ] ServerPriority ]
[ [ port = ] Port ]
[ [ timeout = ] Seconds ]
[ [ messages = ] { enabled | disabled } ]
Parameters
- [ name = ] ServerID
- Required. Specifies the RADIUS server by IP address or DNS name.
- [ secret = ] SharedSecret
- Specifies the preshared key.
- [ init-score = ] ServerPriority
- Specifies the initial server priority score.
- [ port = ] Port
- Specifies the TCP port number to which accounting requests should be sent.
- [ timeout = ] Seconds
- Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
- [ messages = ] { enabled | disabled }
- Specifies whether to send accounting on/off messages. The enabled parameter specifies that messages should be sent. The disabled parameter specifies that messages should not be sent.
delete acctserver
Deletes a RADIUS accounting server.
Syntax
delete acctserver
[ name = ] ServerID
Parameters
- [ name = ] ServerID
- Required. Specifies which server to delete, by DNS name or IP address.
set acctserver
Provides the IP address or the DNS name of a RADIUS server to use for accounting. This command performs the same task, and uses the same parameters as the add acctserver command.
Syntax
set acctserver
[ name = ] ServerID
[ [ secret = ] SharedSecret ]
[ [ init-score = ] ServerPriority ]
[ [ port = ] Port ]
[ [ timeout = ] Seconds ]
[ [ messages = ] { enabled | disabled } ]
Parameters
- [ name = ] ServerID
- Required. Specifies the RADIUS server by IP address or DNS name.
- [ secret = ] SharedSecret
- Specifies the preshared key.
- [ init-score = ] ServerPriority
- Specifies the initial server priority score.
- [ port = ] Port
- Specifies the TCP port number to which accounting requests should be sent.
- [ timeout = ] Seconds
- Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
- [ messages = ] { enabled | disabled }
- Specifies whether to send accounting on/off messages. The enabled parameter specifies that messages should be sent. The disabled parameter specifies that messages should not be sent.
show acctserver
Displays detailed information about an accounting server. Used without parameters, show acctserver displays information about all configured accounting servers.
Syntax
show acctserver
[ [ name = ] ServerID ]
Parameters
- [ name = ] ServerID
- Specifies the RADIUS server about which to display information, by DNS name or IP address.
add authserver
Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed.
Syntax
add authserver
[ name = ] ServerID
[ [ secret = ] SharedSecret ]
[ [ init-score = ] ServerPriority ]
[ [ port = ] Port ]
[ [ timeout = ] Seconds ]
[ [ signature = ] { enabled | disabled } ]
Parameters
- [ name = ] ServerID
- Required. Specifies the RADIUS server by IP address or DNS name.
- [ secret = ] SharedSecret
- Specifies the preshared key.
- [ init-score = ] ServerPriority
- Specifies the initial server priority score.
- [ port = ] Port
- Specifies the TCP port number to which authentication requests should be sent.
- [ timeout = ] Seconds
- Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
- [ signatures = ] { enabled | disabled }
- Specifies whether to use digital signatures. The enabled parameter specifies that digital signatures should be used. The disabled parameter specifies that digital signatures should not be used.
delete authserver
Deletes a RADIUS authentication server.
Syntax
delete authserver
[ name = ] ServerID
Parameters
- [ name = ] ServerID
- Required. Specifies which server to delete, by DNS name or IP address.
set authserver
Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed. This command performs the same task, and uses the same parameters as the add authserver command.
Syntax
set authserver
[ name = ] ServerID
[ [ secret = ] SharedSecret ]
[ [ init-score = ] ServerPriority ]
[ [ port = ] Port ]
[ [ timeout = ] Seconds ]
[ [ signature = ] { enabled | disabled } ]
Parameters
- [ name = ] ServerID
- Required. Specifies the RADIUS server by IP address or DNS name.
- [ secret = ] SharedSecret
- Specifies the preshared key.
- [ init-score = ] ServerPriority
- Specifies the initial server priority score.
- [ port = ] Port
- Specifies the TCP port number to which authentication requests should be sent.
- [ timeout = ] Seconds
- Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.
- [ signatures = ] { enabled | disabled }
- Specifies whether to use digital signatures. The enabled parameter specifies that digital signatures should be used. The disabled parameter specifies that digital signatures should not be used.
show authserver
Displays detailed information about an authentication server. Used without parameters, show authserver displays information about all configured authentication servers.
Syntax
show authserver
[ [ name = ] ServerID ]
Parameters
- [ [ name = ] ServerID ]
- Specifies the RADIUS server about which to display information, by DNS name or IP address.
set accounting
Specifies the accounting provider.
Syntax
set accounting { windows | radius | none }
Parameters
- { windows | radius | none }
- Required. Specifies whether accounting should be performed and by which server. The windows parameter specifies that Windows security on the local RRAS server should perform accounting. The radius parameter specifies that a RADIUS server should perform accounting. The none parameter specifies that no accounting should be performed.
show accounting
Displays the currently configured accounting provider.
Syntax
show accounting
set authentication
Specifies the authentication provider.
Syntax
set authentication { windows | radius }
Parameters
- { windows | radius }
- Required. Specifies which technology should perform authentication. The windows parameter specifies that Windows security on the local RRAS server should perform authentication. The radius parameter specifies that a RADIUS server should perform authentication.
show authentication
Displays the currently configured authentication provider.
Syntax
show authentication
set ipsecpolicy
Sets the IPsec policy for the L2TP connection.
Syntax
set ipsecpolicy
[ psk = ] { enabled | disabled }
[ secret = ] SharedSecret
Parameters
- [ psk = ] { enabled | disabled }
- Required. Specifies whether an L2TP connection uses an IPsec policy configured to use either a preshared key or certificates. The enabled parameter specifies that the IPsec policy uses an IPsec policy configured with a preshared key. The disabled parameter specifies that the IPsec policy is set to use certificates.
- [ secret = ] SharedSecret
- Required when psk authentication is enabled. Specifies the preshared key to be used with the custom IPsec policy.
Example
The following sets the IPsec policy for the L2TP connection.
set ipsecpolicy psk=enabled secret="P@ssword"
show ipsecpolicy
Shows whether the IPsec policy for the L2TP connection is configured to use a preshared key or certificates.
Syntax
show ipsecpolicy