Export (0) Print
Expand All

Netsh RAS AAAA Context Commands

Updated: June 3, 2009

Applies To: Windows Server 2008, Windows Server 2008 R2

The following commands are specific to the ras AAAA context within the Netsh environment.

To view the command syntax, click a command:

Add commands

Delete commands

Set commands

Show commands

The following entries provide details for each command.

Displays the AAAA configuration of a remote access server in script form.

dump

  • You can dump the contents of the current configuration to a file that can be used to restore altered configuration settings.

The following commands save the current configuration as a script in the c:\test\rasAAAAcfg.dmp file.

  • From the command prompt:

    netsh ras aaaa dump > c:\test\rasAAAAcfg.dmp

  • From the netsh ras aaaa context prompt:

    set file open c:\test\rasAAAAcfg.dmp

    dump

    set file close

You can use the netsh exec command to run the script created by the netsh dump command.

Specifies a RADIUS server to use for accounting.

add acctserver

name = ] ServerID

[ [ secret = ] SharedSecret ]

[ [ init-score = ] ServerPriority ]

[ [ port = ] Port ]

[ [ timeout = ] Seconds ]

[ [ messages = ] { enabled | disabled } ]

name = ] ServerID
Required. Specifies the RADIUS server by IP address or DNS name.

secret = ] SharedSecret
Specifies the preshared key.

init-score = ] ServerPriority
Specifies the initial server priority score.

port = ] Port
Specifies the TCP port number to which accounting requests should be sent.

timeout = ] Seconds
Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.

messages = ] { enabled | disabled }
Specifies whether to send accounting on/off messages. The enabled parameter specifies that messages should be sent. The disabled parameter specifies that messages should not be sent.

Deletes a RADIUS accounting server.

delete acctserver

name = ] ServerID

name = ] ServerID
Required. Specifies which server to delete, by DNS name or IP address.

Provides the IP address or the DNS name of a RADIUS server to use for accounting. This command performs the same task, and uses the same parameters as the add acctserver command.

set acctserver

name = ] ServerID

[ [ secret = ] SharedSecret ]

[ [ init-score = ] ServerPriority ]

[ [ port = ] Port ]

[ [ timeout = ] Seconds ]

[ [ messages = ] { enabled | disabled } ]

name = ] ServerID
Required. Specifies the RADIUS server by IP address or DNS name.

secret = ] SharedSecret
Specifies the preshared key.

init-score = ] ServerPriority
Specifies the initial server priority score.

port = ] Port
Specifies the TCP port number to which accounting requests should be sent.

timeout = ] Seconds
Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.

messages = ] { enabled | disabled }
Specifies whether to send accounting on/off messages. The enabled parameter specifies that messages should be sent. The disabled parameter specifies that messages should not be sent.

Displays detailed information about an accounting server. Used without parameters, show acctserver displays information about all configured accounting servers.

show acctserver

[ [ name = ] ServerID ]

name = ] ServerID
Specifies the RADIUS server about which to display information, by DNS name or IP address.

Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed.

add authserver

name = ] ServerID

[ [ secret = ] SharedSecret ]

[ [ init-score = ] ServerPriority ]

[ [ port = ] Port ]

[ [ timeout = ] Seconds ]

[ [ signature = ] { enabled | disabled } ]

name = ] ServerID
Required. Specifies the RADIUS server by IP address or DNS name.

secret = ] SharedSecret
Specifies the preshared key.

init-score = ] ServerPriority
Specifies the initial server priority score.

port = ] Port
Specifies the TCP port number to which authentication requests should be sent.

timeout = ] Seconds
Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.

signatures = ] { enabled | disabled }
Specifies whether to use digital signatures. The enabled parameter specifies that digital signatures should be used. The disabled parameter specifies that digital signatures should not be used.

Deletes a RADIUS authentication server.

delete authserver

name = ] ServerID

name = ] ServerID
Required. Specifies which server to delete, by DNS name or IP address.

Provides the IP address or the DNS name of a RADIUS server to which authentication requests should be passed. This command performs the same task, and uses the same parameters as the add authserver command.

set authserver

name = ] ServerID

[ [ secret = ] SharedSecret ]

[ [ init-score = ] ServerPriority ]

[ [ port = ] Port ]

[ [ timeout = ] Seconds ]

[ [ signature = ] { enabled | disabled } ]

name = ] ServerID
Required. Specifies the RADIUS server by IP address or DNS name.

secret = ] SharedSecret
Specifies the preshared key.

init-score = ] ServerPriority
Specifies the initial server priority score.

port = ] Port
Specifies the TCP port number to which authentication requests should be sent.

timeout = ] Seconds
Specifies the timeout period, in seconds, during which the RADIUS server can be idle before it should be marked unavailable.

signatures = ] { enabled | disabled }
Specifies whether to use digital signatures. The enabled parameter specifies that digital signatures should be used. The disabled parameter specifies that digital signatures should not be used.

Displays detailed information about an authentication server. Used without parameters, show authserver displays information about all configured authentication servers.

show authserver

[ [ name = ] ServerID ]

[ [ name = ] ServerID ]
Specifies the RADIUS server about which to display information, by DNS name or IP address.

Specifies the accounting provider.

set accountingwindows | radius | none }

windows | radius | none }
Required. Specifies whether accounting should be performed and by which server. The windows parameter specifies that Windows security on the local RRAS server should perform accounting. The radius parameter specifies that a RADIUS server should perform accounting. The none parameter specifies that no accounting should be performed.

Displays the currently configured accounting provider.

show accounting

Specifies the authentication provider.

set authenticationwindows | radius }

windows | radius }
Required. Specifies which technology should perform authentication. The windows parameter specifies that Windows security on the local RRAS server should perform authentication. The radius parameter specifies that a RADIUS server should perform authentication.

Displays the currently configured authentication provider.

show authentication

Sets the IPsec policy for the L2TP connection.

set ipsecpolicy

psk = ] { enabled | disabled }

secret = ] SharedSecret

psk = ] { enabled | disabled }
Required. Specifies whether an L2TP connection uses an IPsec policy configured to use either a preshared key or certificates. The enabled parameter specifies that the IPsec policy uses an IPsec policy configured with a preshared key. The disabled parameter specifies that the IPsec policy is set to use certificates.

secret = ] SharedSecret
Required when psk authentication is enabled. Specifies the preshared key to be used with the custom IPsec policy.

The following sets the IPsec policy for the L2TP connection.

set ipsecpolicy psk=enabled secret="P@ssword"

Shows whether the IPsec policy for the L2TP connection is configured to use a preshared key or certificates.

show ipsecpolicy

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft