Cyberithub

31 Most Useful netsh command examples in Windows

Table of Contents

Advertisements

In this article, I will take you through 31 Most Useful netsh command examples in Windows. netsh also known as Network Shell is a windows based command line utility to manage network interfaces and its configurations. netsh command can also be used for network troubleshooting purposes. You can capture network packets in a local file to help troubleshooting the networking issues. There are several other tasks that can be accomplished using netsh command which we will see in detail using some real world examples in below Section. More on Microsoft docs.

31 Most Useful netsh command examples in Windows

Most Useful netsh command examples in Windows

Also Read: 27 Useful net command examples to Manage Windows Resources

Example 1: How to Check all Windows Firewall Rules

If you want to check all the current Windows Firewall Rules then you need to use netsh advfirewall firewall show rule name=all command as shown below.

C:\>netsh advfirewall firewall show rule name=all

Rule Name: Microsoft Edge (mDNS-In)
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping: Microsoft Edge
LocalIP: Any
RemoteIP: Any
Protocol: UDP
LocalPort: 5353
RemotePort: Any
Edge traversal: No
Action: Allow

 

Example 2: How to Show all Firewall rules for Current Profile

If you are only interested in current profile firewall rules then you need to use netsh advfirewall show currentprofile command as shown below.

C:\>netsh advfirewall show currentprofile

Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Enable

Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096

Ok.

 

Example 3: How to Check Network Interface Status

If you want to check all the network interface status then you need to use netsh interface show interface command as shown below.

C:\>netsh interface show interface

Admin State State Type Interface Name
-------------------------------------------------------------------------
Enabled Connected Dedicated Wi-Fi
Enabled Disconnected Dedicated Ethernet 2
Enabled Connected Dedicated VirtualBox Host-Only Network
Enabled Disconnected Dedicated Ethernet

 

Example 4: How to Check Index Number of all the Network Interfaces

If you want to check the Index number(Idx) of all the network interfaces then you can use netsh interface ip show interfaces command as shown below. This will show you all connected as well as disconnected interfaces Index number.

C:\>netsh interface ip show interfaces

Idx Met MTU State Name
--- ---------- ---------- ------------ ---------------------------
1 75 4294967295 connected Loopback Pseudo-Interface 1
17 35 1500 connected Wi-Fi
18 65 1500 disconnected Bluetooth Network Connection
19 25 1500 disconnected Local Area Connection* 1
5 5 1500 disconnected Ethernet
7 25 1500 disconnected Local Area Connection* 10
6 35 1500 disconnected Ethernet 2
13 25 1500 connected VirtualBox Host-Only Network

 

Example 5: How to Check all the Wireless Profiles

If you want to check all the wireless profiles then you need to use netsh wlan show profile command as shown below.

Advertisements
C:\>netsh wlan show profile

Profiles on interface Wi-Fi:

Group policy profiles (read only)
---------------------------------
<None>

User profiles
-------------
All User Profile : Fibre You
All User Profile : AndyAP
All User Profile : Fibre You 1
All User Profile : vivo 1902
All User Profile : Bright you
All User Profile : redmi
All User Profile : cherry
All User Profile : TP-LINK_8976A
All User Profile : John_5G

 

Example 6: How to Check all the Available Wireless Connections

If you want to check all the available wireless connections then you need to use netsh wlan show networks command as shown below. As you can see we have 4 wireless network connections currently visible.

C:\>netsh wlan show networks

Interface name : Wi-Fi
There are 4 networks currently visible.

SSID 1 : Fibre You
Network type : Infrastructure
Authentication : WPA2-Personal
Encryption : CCMP

SSID 2 : ServiceNet-2mbps
Network type : Infrastructure
Authentication : WPA2-Personal
Encryption : CCMP

SSID 3 :
Network type : Infrastructure
Authentication : WPA2-Personal
Encryption : CCMP
...............................

 

Example 7: How to Check the Strength of all the Available Wireless Connections

If you are looking to check the strength of all the available wireless connections then you need to use netsh wlan networks mode=bssid command as shown below. This command will provide the Signal strength of the available wireless network connections along with other important informations like Radio type, Channel, Basic rates and other rates.

C:\>netsh wlan show networks mode=bssid

Interface name : Wi-Fi
There are 4 networks currently visible.

SSID 1 : Fibre You
Network type : Infrastructure
Authentication : WPA2-Personal
Encryption : CCMP
BSSID 1 : a8:da:0a:6d:8c:67
Signal : 100%
Radio type : 802.11ac
Channel : 149
Basic rates (Mbps) : 6 12 24
Other rates (Mbps) : 9 18 36 48 54

 

Example 8: How to Disconnect from Currently Connected Wireless Device

If you want to disconnect from currently connected wireless device then all you need to do is to run netsh wlan disconnect command as shown below.

C:\>netsh wlan disconnect
Disconnection request was completed successfully for interface "Wi-Fi".

 

Example 9: How to Connect to an Available Wireless Device

If you want to connect to an available wireless device by its name then you need to use netsh wlan connect name="<wireless_device_name>" syntax. In this example we are connecting to Fibre You wireless device by using netsh wlan connect name="Fibre You" command as shown below.

C:\>netsh wlan connect name="Fibre You"
Connection request was completed successfully.

 

Example 10: How to Show all the Wireless Interfaces 

If you want to check all the information about your Wireless Interface then you need to use netsh wlan show interfaces command as shown below. As you can see in my case, I have only one Qualcomm Wireless Adapter currently available in my System. Similarly, you can check in your System as well.

C:\>netsh wlan show interfaces

There is 1 interface on the system:

Name : Wi-Fi
Description : Qualcomm QCA9377 802.11ac Wireless Adapter
GUID : e90ba5b7-5926-4d9f-b09a-3ef5d7357b09
Physical address : 80:7c:a5:41:31:f9
State : connected
SSID : Fibre You
BSSID : a8:da:0a:6d:8c:67
Network type : Infrastructure
Radio type : 802.11ac
Authentication : WPA2-Personal
Cipher : CCMP
Connection mode : Profile
Channel : 149
Receive rate (Mbps) : 433.3
Transmit rate (Mbps) : 433.3
Signal : 100%
Profile : Fibre You

Hosted network status : Not available

 

Example 11: How to Show Drivers of Wireless Interfaces

If you want to check the wireless interface driver information then you need to use netsh wlan show drivers command as shown below. This will give you complete information about the Wi-fi device driver like vendor details, provider information and driver version.

C:\>netsh wlan show drivers

Interface name: Wi-Fi

Driver : Qualcomm QCA9377 802.11ac Wireless Adapter
Vendor : Qualcomm Communications Inc.
Provider : Qualcomm Communications Inc.
Date : 14-06-2020
Version : 12.0.0.953
INF file : oem41.inf
Type : Native Wi-Fi Driver
Radio types supported : 802.11b 802.11a 802.11g 802.11n 802.11ac
FIPS 140-2 mode supported : Yes

 

Example 12: How to Check Current Proxy Setting in Windows

If you want to check your current proxy setting in Windows then you need to use netsh winhttp show proxy command as shown below.

C:\>netsh winhttp show proxy

Current WinHTTP proxy settings:

Direct access (no proxy server).

 

Example 13: How to Check TCP Global Parameters Status

If you want to check all the TCP Global parameters then you need to use netsh interface tcp show global command as shown below.

C:\>netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State : enabled
Receive Window Auto-Tuning Level : normal
Add-On Congestion Control Provider : default
ECN Capability : disabled
RFC 1323 Timestamps : disabled
Initial RTO : 1000
Receive Segment Coalescing State : enabled
Non Sack Rtt Resiliency : disabled
Max SYN Retransmissions : 4
Fast Open : enabled
Fast Open Fallback : enabled
HyStart : enabled
Proportional Rate Reduction : enabled
Pacing Profile : off

 

Example 14: How to Check UDP Global Parameters Status

If you want to check UDP global parameters status then you need to use netsh interface udp show global command as shown below.

C:\>netsh interface udp show global
Querying active state...

UDP Global Parameters
----------------------------------------------
Receive Offload State : disabled

 

Example 15: How to Disable TCP RSS Global Parameter

If you are looking to disable any of the TCP Global parameter like RSS in this case then you need to use netsh interface tcp set global rss=disabled command as shown below.

C:\>netsh interface tcp set global rss=disabled
Ok.

 

Example 16: How to Enable TCP RSS Global Parameter

Similarly, if you want to enable any of the TCP Global Parameter like RSS in this case then you need to use netsh interface tcp set global rss=enabled command as shown below.

C:\>netsh interface tcp set global rss=enabled
Ok.

 

Example 17: How to List all the defined Aliases

If you want to list all the defined aliases then you need to use netsh show alias command as shown below.

C:\>netsh show alias

 

Example 18: How to Reset Winsock entries to default

If you are facing any issue and want to reset winsock catalog entries then you need to use netsh winsock reset catalog command as shown below.

C:\>netsh winsock reset catalog

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

 

Example 19: How to Reset TCP/IP Stack to Installation Default

If you are looking to reset TCP/IP stack then you can use netsh int ip reset reset.log command as shown below.

C:\>netsh int ip reset reset.log
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.

 

Example 20: How to Set Proxy in Windows using netsh command

If you want to set proxy in Windows then you can use below netsh command.

C:\>netsh winhttp set proxy "myproxy.proxyaddress.com:8484" "<local>;*.proxyaddress.com"

Current WinHTTP proxy settings:

Proxy Server(s) : myproxy.proxyaddress.com:8484
Bypass List : <local>;*.proxyaddress.com

 

Example 21: How to Change the IP Address of an Interface

You can change the IP address of a network interface using below netsh command.

C:\>netsh int ip set address "local area connection" static 192.168.29.101 255.255.255.0 192.168.29.254 1

Now if you check again using ipconfig command then you can see the new IP on below output.

C:\>ipconfig

Windows IP Configuration


Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2405:201:a40a:e85d:2160:65ab:c836:964b
Temporary IPv6 Address. . . . . . : 2405:201:a40a:e85d:a5c5:71c7:b0bc:3226
Link-local IPv6 Address . . . . . : fe80::2160:65ab:c836:964b%11
IPv4 Address. . . . . . . . . . . : 192.168.29.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::aada:cff:fe6d:8c46%11
192.168.29.254

Tunnel adapter isatap.{8A0A0AB5-6B66-452F-89EB-265C6BDD1E38}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

 

Example 22: How to Show Multicast Joins for all Network Interfaces

If you want to show multicast joins for all network interfaces then you need to use netsh interface ip show joins command as shown below.

C:\>netsh interface ip show joins

Interface 1: Loopback Pseudo-Interface 1

Scope References Last Address
---------- ---------- ---- ---------------------------------
0 1 Yes 239.255.255.250

Interface 17: Wi-Fi

Scope References Last Address
---------- ---------- ---- ---------------------------------
0 0 Yes 224.0.0.1
0 2 Yes 224.0.0.251
0 1 Yes 224.0.0.252
0 1 Yes 239.255.255.250

 

Example 23: How to Allow a Port from Windows Firewall using netsh command

If you are looking to allow a port from windows firewall then you need to use below netsh advfirewall command. In this example we are allowing Port 3389 from Windows firewall by using netsh advfirewall firewall add rule name="Open Remote Desktop" protocol=TCP dir=in localport=3389 action=allow command as shown below.

C:\>netsh advfirewall firewall add rule name="Open Remote Desktop" protocol=TCP dir=in localport=3389 action=allow
Ok.

 

Example 24: How to Add a Primary DNS Server to an Interface

If you want to add a Primary DNS Server then you need to use netsh interface ip add dns name="<Interface_name>" addr=<IPv4 Address> syntax. In this example we are adding DNS Server 230.92.45.130 to Local Area Connection using netsh interface ip add dns name="Local Area Connection" addr=230.92.45.130 command as shown below.

C:/>netsh interface ip add dns name="Local Area Connection" addr=230.92.45.130

 

Example 25: How to Allow Ping requests through Windows Firewall

If you want to allow ICMPv4 protocol through Windows Firewall then you need to use netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=allow protocol=icmpv4 command as shown below.

C:\>netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=allow protocol=icmpv4
Ok.

 

Example 26: How to Block Ping requests through Windows Firewall

Similarly if you want to block ICMPv4 protocol through Windows Firewall then you need to use netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4 command as shown below.

C:\>netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4
Ok.

 

Example 27: How to Disable Windows Firewall in all Profiles

If you are looking to disable Windows Firewall in all the profiles then you need to use netsh advfirewall set allprofiles state off command as shown below.

C:\>netsh advfirewall set allprofiles state off
Ok.

 

Example 28: How to Reset Windows Firewall Settings to Default

If you are looking to reset windows firewall settings to default values then you need to use netsh advfirewall reset command as shown below.

C:\>netsh advfirewall reset
Ok.

 

Example 29: How to Capture Packets using netsh command

If you are troubleshooting any network issues then you might want to capture the Network Packets to analyze the issue further. This can be easily done by using below netsh trace command. In this example we are starting network packets capture in trace.etl file under C drive using netsh trace start capture=yes tracefile=c:\trace.etl persistent=yes maxsize=4096 command as shown below.

C:\>netsh trace start capture=yes tracefile=c:\trace.etl persistent=yes maxsize=4096

Trace configuration:
-------------------------------------------------------------------
Status: Running
Trace File: c:\trace.etl
Append: Off
Circular: On
Max Size: 4096 MB
Report: Off

 

Example 30: How to Stop Trace using netsh command

If you want to stop the Network trace then you need to use netsh trace stop command as shown below.

C:\>netsh trace stop
Merging traces ... done
Generating data collection ... done
The trace file and additional troubleshooting information have been compiled as "c:\trace.cab".
File location = c:\trace.etl
Tracing session was successfully stopped.

 

Example 31: How to Check all the Options available with netsh command

If you are looking to check all the options available with netsh command then you need to use netsh /? command as shown below.

C:\>netsh /?

Usage: netsh [-a AliasFile] [-c Context] [-r RemoteMachine] [-u [DomainName\]UserName] [-p Password | *]
[Command | -f ScriptFile]

The following commands are available:

Commands in this context:
? - Displays a list of commands.
add - Adds a configuration entry to a list of entries.
advfirewall - Changes to the `netsh advfirewall' context.
bridge - Changes to the `netsh bridge' context.
delete - Deletes a configuration entry from a list of entries.
dhcpclient - Changes to the `netsh dhcpclient' context.
dnsclient - Changes to the `netsh dnsclient' context.
dump - Displays a configuration script.
exec - Runs a script file.
firewall - Changes to the `netsh firewall' context.
help - Displays a list of commands.

Leave a Comment