لطفا منتظر باشید ...
Publisher| netsh/RAS Context |
Subcontexts
- AAAA
- Appletalk
- IP
- IPX
- NETBEUI
Only commands for the IP subcontext are covered in this section. For
a list of commands in a different subcontext, switch to that
subcontext and type help.
Commands
- aaaa
Switches to AAAA subcontext.- add authtype type=[PAP | SPAP | MD5CHAP | MSCHAP | MSCHAPv2 | EAP]
Specifies additional types of authentication the RAS server can
negotiate.- add link type=[SWC | LCP]
Specifies additional link properties that can be used for PPP
negotiation.- add multilink type=[MULTI | BACP]
Specifies additional multilink types that can be used for PPP
negotiation.- add registeredserver name=domainname server=RASservername
Registers the RAS server in Active Directory.- appletalk
Switches to Appletalk subcontext.- delete [authtype | link | multilink | registeredserver] [options]
Removes a RAS authentication, PPP link, or PPP multilink type or
unregisters a RAS server in Active Directory (see the
add commands earlier in this list for the syntax).- dump
Dumps the configuration of the remote-access server as a series of
NetShell commands.- ip
Switches to IP subcontext. The commands available in this subcontext
are listed in Table 5-12.- ipx
Switches to IPX subcontext.- netbeui
Switches to NETBEUI subcontext.- set authmode mode=[STANDARD | NODCC | BYPASS]
STANDARD means all clients must be authenticated,
NODCC bypasses authentication for direct cable
connections, and BYPASS means authentication
isn't required for any type of device.- set tracing component=componentname state=[ENABLED | DISABLED]
Turns extended tracing on or off for the specified component (use an
asterisk to represent all components).- set usernames=username dialin=[PERMIT | DENY | POLICY] [cbpolicy=[NONE | CALLER | ADMIN] cbnumber=callbacknumber]
Configures the RAS properties for the specified user, including
whether the user is specifically allowed or denied the right to dial
in, whether this is determined by the remote-access policy, and
whether the user can use callback when dialing in.- show activeservers
Causes the server to listen for RAS server advertisements.- show authmode
Displays the current authentication mode of the RAS server.- show authtype
Displays the authentication types currently enabled on the server.- show client
Lists RAS clients currently connected to the server.- show link
Displays the types of link properties that the server currently uses
for PPP negotiation.- show multilink
Displays the types of multilink types that the server currently uses
for PPP negotiation.- show registeredserver domain=domainname server=RASservername
Verifies whether the specified RAS server is registered in Active
Directory for that domain.- show tracing component=componentname
Displays whether extended tracing is enabled for the specified
component. (If no component is specified, then the state of tracing
is displayed for all components.)- show usernames=username mode=[PERMIT | REPORT]
Displays the RAS settings for the specified useror for all
users, if no username is specified. PERMIT
displays only those users whose dial-in setting is currently set to
PERMIT, while REPORT displays
all users in the current domain.
Command | Option | Description |
|---|---|---|
add | Range | Specifies address ranges for static address pool |
delete | Pool | Removes all ranges from static address pool |
Range | Removes specified range from static address pool | |
dump | Dumps configuration as netsh commands | |
set | Access | Gives RAS clients access to network beyond RAS server |
Addrassign | Specifies method RAS server assigns addresses to RAS clients | |
Addrreq | Allows RAS clients to request addresses from RAS server | |
Negotiation | Enables IP negotiation for RAS client connections | |
show | Config | Displays current configuration of RAS server |
Examples
Enter RAS context of NetShell:
C:\>netsh
netsh>ras
ras>
Display the authentication mode and types currently configured on the
server:
ras>show authmode
authentication mode = standard
ras>show authtype
Enabled Authentication Types:
Code Meaning
------------------------------------------
MSCHAP Microsoft Challenge-Handshake
Authentication Protocol.
MSCHAPv2 Microsoft Challenge-Handshake
Authentication Protocol version 2.
Check whether the RAS server test.mtitcanada.com
is registered in Active Directory:
ras>show registeredserver domain=mtitcanada.com server=test
The following RAS server is registered:
RAS Server: test
Domain: mtitcanada.com
Check if user Sally is currently allowed to dial in to the RAS server:
ras>show usernames=sally
usernames: sally
Dialin: policy
Callback policy: none
Callback number:
The default remote-access policy denies all users RAS dial-in
permission, so specifically assign Sally this permission and enable
callback:
ras>set usernames=sally dialin=permit cbpolicy=admin cbnumber=555-777-1212
usernames: sally
Dialin: permit
Callback policy: admin
Callback number: 555-777-1212
Switch to the IP subcontext:
ras>ip
ras ip>
Show the IP configuration of the RAS server (this
isn't the IP address of the
server's interface, but rather how it provides
clients with IP addresses when they connect):
ras ip>show config
RAS IP config
Negotiation mode: allow
Access mode: all
Address request mode: deny
Assignment method: auto
Pool:
Notes
Use the set user command in a
batch file or script to automatically configure RAS dial-in settings
for a collection of users.
See Also
Connections, Routing and Remote Access
