How to use command line for configuring Routing and Remote Access Server

Netsh is a command line tool to configure and administer Windows based computers. Netsh can be used extensively for Routing and remote access configurations. Some of the netsh commands in RAS context are  -

1. Command – Netsh ras add authtype add authtype [type = ] PAP|SPAP|MD5CHAP|MSCHAP|MSCHAPv2|EAP
   • Selects the types of authentication which this RAS server will attempt to negotiate.  Negotiation will be in the order most-secure to least-secure.
2. Command – Netsh ras add registeredserver
   • Registers the given Windows 2000 computer as a RAS server in the Active Directory of the given domain.
3. Command – Netsh ras add link [type = ] SWC|LCP
   • Adds to the list of link properties PPP will negotiate.
4. Command – Netsh ras add multilink [type = ] MULTI|BACP
   • Adds to the list of multilink types PPP will negotiate.
5. Command – Netsh ras set authmode [mode = ] STANDARD|NODCC|BYPASS
   • Sets the mode that determines whether and when dialin clients should be authenticated.
6. Command – Netsh ras set user
   • Sets the RAS properties of a user.
7. Command – Netsh ras set tracing
   • Enables/disables extended tracing for Ras.
8. Command – Netsh ras aaaa set accounting [provider =] WINDOWS|RADIUS|NONE
   • Sets the accounting provider for Ras Server.
9. Command – Netsh ras aaaa set acctserver
   • Provides an IP address or name of a RADIUS server to use for accounting.
10. Command – Netsh ras aaaa set authentication [provider =] WINDOWS|RADIUS
    • Sets the authentication provider for Ras Server.
11. Command – Netsh ras aaaa set authserver
    • Provides an IP address or name of a RADIUS server to pass authentication requests.

Examples for configuring Remote access server using netsh -

Scenario – Preserve the Ras Server configuration on a machine

• Netsh ras dump > “<filename>”

Scenario – Restore the preserved Ras Server configuration on a machine

• Netsh exec “<filename>”

Scenario – Set the authentication and accounting provider of Ras Server to Windows

• Netsh ras aaaa set acco windows
• Netsh ras aaaa set authe windows

Scenario – Add all authentication types on the Remote Access Server

• Netsh ras add authtype pap
• Netsh ras add authtype spap
• Netsh ras add authtype md5chap
• Netsh ras add authtype mschap
• Netsh ras add authtype mschapv2
• Netsh ras add authtype eap

Scenario – Set the dialin permissions of a user “Test” to “Allow access”

• Netsh ras set user test permit

Scenario – Enable tracing logs for RAS connections

• Netsh ras set tracing * en

Puja Pandey
Software Design Engineer/Test
Windows Networking Group

[This posting is provided "AS IS" with no warranties, and confers no rights.]

Comments

• Anonymous
  January 01, 2003
  PingBack from http://www.keyongtech.com/1281762-create-vpn-site-to-site