Export (0) Print
Expand All

Netsh Routing IP NAT Context Commands

Updated: June 3, 2009

Applies To: Windows Server 2008, Windows Server 2008 R2

The following commands are specific to the routing IP NAT context within the Netsh environment.

To view the command syntax, click a command:

Add commands

Delete commands

Set commands

Show commands

The following entries provide details for each command.

Displays the Network Address Translation (NAT) configuration of a remote access server in script form.

dump

  • You can dump the contents of the current configuration to a file that can be used to restore altered configuration settings.

The following commands save the current configuration as a script in the c:\test\natcfg.dmp file.

  • From the command prompt:

    netsh routing ip nat dump > c:\test\natcfg.dmp

  • From the netsh routing ip nat context prompt:

    set file open c:\test\natcfg.dmp

    dump

    set file close

You can use the netsh exec command to run the script created by the netsh dump command.

Adds an IPv4 address mapping to the NAT address pool for the specified interface.

add addressmapping

name = ] InterfaceName

public = ] IPAddress

private = ] IPAddress

inboundsessions = ] { enable | disable }

name = ] InterfaceName
Required. Specifies, by name, the interface on which you want to use network address translation. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

public = ] IPAddress
Required. Specifies the IPv4 address used on a public network.

private = ] IPAddress
Required. Specifies the IPv4 address in the pooled range of addresses available for use on the private network.

inboundsessions = ] { enable | disable }
Required. Specifies whether inbound sessions are enabled or disabled.

To map the public IP address 11.11.11.1 to the private IP address 10.10.10.1 and to disable inbound sessions for this NAT table mapping, type:

add addressmapping name="Local Area Connection" 11.11.11.1 10.10.10.1 disable

Adds an address range to the NAT address pool for the specified interface.

add addressrange

name = ] InterfaceName

start = ] IPAddress

end = ] IPAddress

mask = ] SubnetMask

name = ] InterfaceName
Required. Specifies, by name, the interface to whose address pool you want to add an address range. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

start = ] IPAddress
Required. Specifies the starting IPv4 address for the address range.

end = ] IPAddress
Required. Specifies the ending IPv4 address for the address range.

mask = ] SubnetMask
Required. Specifies the IPv4 subnet mask associated with the network range bounded by the start and end IPv4 addresses.

To add an address range to the NAT address pool with addresses 10.10.10.1 to 10.10.10.100 and a subnet mask of 255.255.255.0, type:

add addressrange name="Local Area Connection" 10.10.10.1 10.10.10.100 255.255.255.0

Enables the FTP proxy on the NAT server.

add ftp

Enables NAT on the specified interface.

add interface

name = ] InterfaceName

[ [ mode = ] { full | addressonly | private } ]

name = ] InterfaceName
Required. Specifies, by name, the interface on which you want to enable NAT. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

[ [ mode = ] { full | addressonly | private } ]
Specifies whether the interface uses full, addressonly, or private mode.

  • full specifies that full (address and port) translation mode is enabled.

  • addressonly specifies that address-only translation mode is enabled.

  • private specifies that private mode is enabled.

To add NAT with both address and port translation enabled on the Local Area Connection interface, type:

add interface "Local Area Connection" full

Adds a protocol port mapping on the specified NAT-enabled interface.

add portmapping

name = ] InterfaceName

proto = ] { tcp | udp }

publicip = ] { IPAddress | 0.0.0.0 }

publicport = ] Integer

privateip = ] IPAddress

privateport = ] Integer

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to add a port mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

proto = ] { tcp | udp }
Required. Specifies whether the port mapping is for TCP or UDP.

publicip = ] { IPAddress | 0.0.0.0 }
Required. Specifies an external IPv4 address on the public network or 0.0.0.0 to indicate any IPv4 address not specified within the private network address range.

publicport = ] Integer
Required. Specifies the public protocol port by using a number from zero to 9999.

privateip = ] IPAddress
Required. Specifies an IPv4 address within the private network range.

privateport = ] Integer
Required. Specifies the private protocol port by using a number from zero to 9999.

To add a port mapping of from any public IPv4 address, protocol type tcp, public port 80, to the private IPv4 address 10.0.0.1, port 80, type:

add portmapping name="Local Area Connection" tcp 0.0.0.0 80 10.0.0.1 80

Deletes an address mapping from the NAT address pool for the specified interface.

delete addressmapping

name = ] InterfaceName

[ [ public = ] IPAddress ]

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to delete an address mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

public = ] IPAddress
Specifies the IPv4 address to be deleted. If you do not specify an address, all address mappings from the NAT address pool are deleted from the interface.

To delete the mapping to 11.11.11.1 from the NAT interface address pool for the specified interface, type:

delete addressmapping "Local Area Connection" 11.11.11.1

Deletes an address range from the Network Address Translation (NAT) address pool for the specified interface.

delete addressrange

InterfaceName = ] InterfaceName

start = ] IPAddress

name = ] InterfaceName
Required. Specifies, by name, the interface from which you want to delete an address range. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

start = ] IPAddress
Required. Specifies the starting IPv4 address of the range you want to delete.

To delete an address range from the NAT address pool that begins with address 10.10.10.1, type:

delete addressrange name="Local Area Connection" 10.10.10.1

Disables the FTP proxy on the NAT server.

delete ftp

Removes NAT from the specified interface.

delete interface

name = ] InterfaceName

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to remove the use of NAT. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

To remove NAT from the Local Area Connection interface, type:

delete interface "Local Area Connection"

Deletes a protocol port mapping from the specified NAT-enabled interface.

delete portmapping

name = ] InterfaceName

proto = ] { tcp | udp }

publicip = ] { IPAddress | 0.0.0.0 }

publicport = ] Integer

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to delete a port mapping. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

proto  ] { tcp | udp }
Required. Specifies the protocol type. The tcp parameter specifies that the protocol type is Transmission Control Protocol. The udp parameter specifies that the protocol type is User Datagram Protocol.

publicip = ] { IPAddress | 0.0.0.0 }
Required. Specifies an external IPv4 address on the public network or 0.0.0.0 to indicate any IP address not specified within the private network address range.

publicport = ] Integer
Required. Specifies the public protocol port by using a number from zero to 9999.

To remove a port mapping from a NAT-enabled interface, type:

delete portmapping name="Local Area Connection" tcp 0.0.0.0 80

Sets global parameters for NAT.

set global

[ [ tcptimeoutmins = ] Integer ]

[ [ udptimeoutmins = ] Integer ]

[ [ loglevel = ] { none | error | warn | info } ]

tcptimeoutmins = ] Integer
Specifies, in minutes, the timeout value for TCP mappings. Note: If this option is specified with no value then the value is set to 0.

udptimeoutmins = ] Integer
Specifies, in minutes, the timeout value for UDP mappings.

loglevel = ] { none | error | warn | info }
Specifies which events should be logged.

  • none specifies that no events related to NAT should be logged.

  • error specifies that only errors related to NAT should be logged.

  • warn specifies that both errors and warnings related to NAT should be logged.

  • info specifies that all events related to NAT should be logged.

To set global NAT parameters to be 1 day (1440 minutes) for TCP mappings timeout, 1 minute for UDP mappings timeout, and NAT error logging only, type:

set global tcptimeoutmins=1440 udptimeoutmins=1 loglevel=error

Configure NAT parameters for the specified interface.

set interface

name = ] InterfaceName

mode = ] { full | addressonly | private }

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to configure parameters. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

mode = ] { full | addressonly | private }
Required. Specifies whether the interface should be enabled for full, addressonly, or private mode.

  • full specifies that full (address and port) translation mode is enabled.

  • addressonly specifies that address-only translation mode is enabled.

  • private specifies that private mode is enabled.

To configure NAT with address and port translation enabled on the Local Area Connection interface, type:

set interface "Local Area Connection" full

Displays the NAT global configuration.

show global

Displays the NAT configuration for the specified interface. Used without parameters, show interface displays NAT configuration information for all interfaces.

show interface

name = ] InterfaceName

name = ] InterfaceName
Required. Specifies, by name, the interface for which you want to display information. The InterfaceName parameter must match the name of the interface as specified in Network Connections. If InterfaceName contains spaces, use quotation marks around the text (for example, "Interface Name").

Installs the NAT routing component for IPv4.

install

Removes the NAT routing component from IPv4.

uninstall

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft