Netsh Overview
Netsh is a command-line scripting utility that allows you to display or modify the network configuration of a computer that is currently running. Netsh commands can be run by typing commands at the netsh prompt and they can be used in batch files or scripts. Remote computers and the local computer can be configured by using netsh commands.

Netsh also provides a scripting feature that allows you to run a group of commands in batch mode against a specified computer. With netsh, you can save a configuration script in a text file for archival purposes or to help you configure other computers.

Netsh contexts
Netsh interacts with other operating system components by using dynamic-link library (DLL) files. Each netsh helper DLL provides an extensive set of features called a context, which is a group of commands specific to a networking component. These contexts extend the functionality of netsh by providing configuration and monitoring support for one or more services, utilities, or protocols. For example, Dhcpmon.dll provides netsh with the context and set of commands necessary to configure and manage DHCP servers.

Running netsh commands

To run a netsh command, you must start netsh from the command prompt by typing netsh and then pressing ENTER. Next, you can change to the context that contains the command you want to use. The contexts that are available depend on the networking components that you have installed. For example, if you type dhcp at the netsh prompt and press ENTER, netsh changes to the DHCP server context. If you do not have DHCP installed, however, the following message appears:

The following command was not found: dhcp.

1.Quickly Turn ON/OFF Windows Firewall Using Command Line 

To Turn Off:

NetSh Advfirewall set allprofiles state off

To Turn On:

NetSh Advfirewall set allrprofiles state on

To check the status of Windows Firewall:

Netsh Advfirewall show allprofiles 

2.Displaying DHCP server activity using Netsh

C:\>netsh dhcp server show mibinfo 

3.Authorizing a DHCP server using Netsh  

You can use the Netsh command to authorize a DHCP server from the command line. In an Active Directory environment, you must first authorize your DHCP server before it can lease addresses to clients.

For example, to authorize a DHCP server named AAPAC-DHCP-SRV01 in the CONTOSO domain and which has IP address, type the following command:
netsh dhcp add server

To verify the result, type this command:
netsh dhcp show server

If you decide later to remove the server from your network, you can unauthorized it by typing:
netsh dhcp delete server 

4. Default Dynamic Port Range (It works vista, win7, 2008 and later version)

To see the port range, you can use the following commands:

NetSh INT IPV4 Show DynamicPort TCP

NetSh INT IPV4 Show DynamicPort UDP

To set or change the Dynamic Port Range:

NetSh INT IPV4 SET DynamicPort TCP Start=1024 num=65535

NetSh INT IPV4 SET DynamicPort UDP Start=1024 num=65535 

5. How to check the current IP settings?

netsh interface ip show config 

6. How to change the preferred DNS server IP?

netsh interface ip set dns "Local Area Connection" static

(Above command will overwrite the exsisting one)

netsh interface ip add dns name="Local Area Connection" addr=

(Above command will not overwrite the exsisting one but add the secondary dns)

netsh interface ip add dns name="Local Area Connection" addr= index=2 

7. DHCP Server Migration

netsh dhcp server export C:\dhcp.txt al
netsh dhcp server import C:\dhcp.txt all 

netsh dhcp server \\rumor export C:\dhcp.txt all 

C:\>netsh dhcp server \\mst-ads01 show optionvalue >>c:\DHCPConfig.txt

C:\>netsh dhcp server \\mst-ads01 show scope dump  >> c:\Dhcp_scopes.txt 

Event Type:           Information
Event Source:       DhcpServer
Event Category:    None
Event ID:                1044
Date:                      1/20/2011
Time:                      1:18:18 PM
User:                      N/A
Computer:             RUMOR
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain, has determined that it is authorized to start. It is servicing clients now.
For more information, see Help and Support Center at
0000: 00 00 00 00 

Above event is applicable for 2003 and 2008 as well        ....    .

8.NPS import command

netsh nps import <path>\ias.txt
For details see the below links.




Also see the below links. 

Leave a Comment
  • Please add 3 and 6 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
  • Richard Mueller edited Revision 7. Comment: Changed tag "Windows  2008" to "Windows Server 2008", and tag "Windows 2008R2" to ""Windows Server 2008 R2"

Page 1 of 1 (1 items)