netsh/RAS Context |
Configures a remote-access server.
Only commands for the IP subcontext are covered in this section. For a list of commands in a different subcontext, switch to that subcontext and type help .
Switches to AAAA subcontext.
Specifies additional types of authentication the RAS server can negotiate.
Specifies additional link properties that can be used for PPP negotiation.
Specifies additional multilink types that can be used for PPP negotiation.
Registers the RAS server in Active Directory.
Switches to Appletalk subcontext.
Removes a RAS authentication, PPP link, or PPP multilink type or unregisters a RAS server in Active Directory (see the add commands earlier in this list for the syntax).
Dumps the configuration of the remote-access server as a series of NetShell commands.
Switches to IP subcontext. The commands available in this subcontext are listed in Table 5-12.
Switches to IPX subcontext.
Switches to NETBEUI subcontext.
STANDARD means all clients must be authenticated, NODCC bypasses authentication for direct cable connections, and BYPASS means authentication isn't required for any type of device.
Turns extended tracing on or off for the specified component (use an asterisk to represent all components ).
Configures the RAS properties for the specified user, including whether the user is specifically allowed or denied the right to dial in, whether this is determined by the remote-access policy, and whether the user can use callback when dialing in.
Causes the server to listen for RAS server advertisements.
Displays the current authentication mode of the RAS server.
Displays the authentication types currently enabled on the server.
Lists RAS clients currently connected to the server.
Displays the types of link properties that the server currently uses for PPP negotiation.
Displays the types of multilink types that the server currently uses for PPP negotiation.
Verifies whether the specified RAS server is registered in Active Directory for that domain.
Displays whether extended tracing is enabled for the specified component. (If no component is specified, then the state of tracing is displayed for all components.)
Displays the RAS settings for the specified useror for all users, if no username is specified. PERMIT displays only those users whose dial-in setting is currently set to PERMIT , while REPORT displays all users in the current domain.
Command | Option | Description |
---|---|---|
add | Range | Specifies address ranges for static address pool |
delete | Pool | Removes all ranges from static address pool |
Range | Removes specified range from static address pool | |
dump | Dumps configuration as netsh commands | |
set | Access | Gives RAS clients access to network beyond RAS server |
Addrassign | Specifies method RAS server assigns addresses to RAS clients | |
Addrreq | Allows RAS clients to request addresses from RAS server | |
Negotiation | Enables IP negotiation for RAS client connections | |
show | Config | Displays current configuration of RAS server |
Enter RAS context of NetShell:
C:\> netsh netsh> ras ras>
Display the authentication mode and types currently configured on the server:
ras> show authmode authentication mode = standard ras> show authtype Enabled Authentication Types: Code Meaning ------------------------------------------ MSCHAP Microsoft Challenge-Handshake Authentication Protocol. MSCHAPv2 Microsoft Challenge-Handshake Authentication Protocol version 2.
Check whether the RAS server test.mtitcanada.com is registered in Active Directory:
ras> show registeredserver domain=mtitcanada.com server=test The following RAS server is registered: RAS Server: test Domain: mtitcanada.com
Check if user Sally is currently allowed to dial in to the RAS server:
ras> show usernames=sally usernames: sally Dialin: policy Callback policy: none Callback number:
The default remote-access policy denies all users RAS dial-in permission, so specifically assign Sally this permission and enable callback:
ras> set usernames=sally dialin=permit cbpolicy=admin cbnumber=555-777-1212 usernames: sally Dialin: permit Callback policy: admin Callback number: 555-777-1212
Switch to the IP subcontext:
ras> ip ras ip>
Show the IP configuration of the RAS server (this isn't the IP address of the server's interface, but rather how it provides clients with IP addresses when they connect):
ras ip> show config RAS IP config Negotiation mode: allow Access mode: all Address request mode: deny Assignment method: auto Pool:
Use the set user command in a batch file or script to automatically configure RAS dial-in settings for a collection of users.
Connections, Routing and Remote Access