Configuring Windows Server 2008 & Windows Vista Wireless connections from the CLI using netsh wlan
Why would you want to use the command line to configure wireless networking?
Some of you might be asking why you would want to do this in the first place and that is a logical question. Let me provide some justification for the reason behind this and help try to demonstrate the need to you.
- Using the CLI when no GUI is available – You never know when you will need to configure something (like wireless) from the command line because no GUI is available. This could happen for a number of reasons. With the commands you learn in this article, you will be prepared.
- Using the CLI when Scripting – The day may come (or it may be here now) when you need to write a script to connect to a wireless network. If you create that script, you will need to know all the necessary netsh wlan commands needed to accomplish your task, inside the script. For example, you might want to configure wireless connectivity in a logon script.
- Because it is faster – Some of us are just “command line junkies” and we enjoy using the command line to do things over the GUI. In fact, for some of you out there, you are fast enough at the command line that you can do things faster in the CLI than you can in the GUI.
What does netsh wlan offer you?
The netsh wlan command set is only offered in Windows Vista (not in XP, 2003, or 2008 Server). So what can you do with these commands? Here is a list:
- Configure wireless security settings for this Windows PC or laptop.
- Configure wireless connectivity and network settings for this Windows PC or laptop. For example, you could configure a laptop, when logging in, to connect, securely, to the company wireless network.
- View the wireless group policy settings that are applied to this Windows machine
- Connect to “mixed mode” networks – for example, you can connect to either a WPA or WPA2 wireless network.
- Hide wireless networks from end users – with netsh wlan, you can hide from your end users or prevent end users from connecting to potentially malicious or just undesirable wireless networks.
With that, let us see how it works…
Creating profiles and connecting to a Wireless LAN using netsh wlan
Now that we have seen some possible uses for netsh wlan, let me show you, on a real Windows Vista machine, how to use these commands to do certain tasks.
To view all the options for netsh wlan, simply type netsh wlan without any options
And you will see this:
Figure 1: Netsh wlanhelp options
To really connect, the first thing you need to do is to create a profile. As the creation of a profile works off of an existing profile file that you have already saved, we first need to create our saved XML file.
On a Vista machine that already has a working wireless network, you would run the following command:
netsh wlan export profile name=”BOW” folder=C:\Users\David\wlan interface=”Wireless Network Connection”
This would create a file called:
- Wireless Network Connection-BOW.xml
- In folder C:\Users\David\wlan
Figure 2: Netsh wlanexport example
You would then import this file onto the system that you want to add the profile on and connect to the wireless network.
To create a profile to connect to the WLAN on the new machine, I would do:
C:\Users\David\wlan> netsh wlan add profile filename=”Wireless Network Connection-BOW.xml”
(assuming I changed directory into the “wlan” folder)
Figure 3: Adding a new profile with Netsh wlan
Optionally, you could choose to add this profile only for a certain wireless interface or for certain users.
Once the profile is added, you should be able to verify that it is there with:
netsh wlan show profiles
Figure 4: Showing wireless profiles with Netsh wlan
You can see the settings for those profiles with:
netsh wlan show settings
Once you know that you have a profile, you can use that profile to connect, like this:
netsh wlan connect ssid=”mySSID” name=”WLAN-Profil1”
(assuming the profile did not specify auto-connection)
As you can see, we are connected to the wireless network.
Figure 5: Results of connecting to the WLAN
If there is only one interface on the computer and the security settings in the profile are correct, at this point, you should be connected to the wireless LAN.
What else can netsh wlan do for me?
Besides just adding or deleting profiles and connecting or disconnecting to wireless networks, what else can netsh wlan do for me?
Actually, there are a number of other things that netsh wlan is capable of. Here is a list:
- Dump wireless settings – By running netsh wlan dump and directing it to a text file, you can create a script that you could use to very quickly get your wireless network adaptor reconfigured. Once you have your wireless network configured and connected, I recommend creating this WLAN configuration script with this command:netsh wlan dump > mywlandump.txt
- Add a Filter – With the netsh wlan add command, you can also add a wireless network filter, as well as a profile.
- Show & set autoconfig – When auto-configuration is enabled on a wireless interface that means that the interface will automatically connect with its wireless profile. This is enabled by default. You can check your settings with netsh wlan show autoconfig. You can change your autoconfig settings with set autoconfig enabled=no interface=”Wireless Network Adaptor”
- Show & set blockednetworks – Wireless networks can be hidden or blocked. Perhaps you want the blocked networks to be shown in the list of available networks but listed as “blocked”. To hide blocked networks from the list of available networks, do netsh wlan set blockednetworks display=hide
- Show & set if you are allowed to create wireless profiles for all users on that machine – This one is self –explanatory, with the show command you can see if you are allowed
- Show & set the profile order – When it comes to which profile will be used on an interface if multiple profiles are present, the profile order is used. With the show and set profile commands you can simply view or change this profile order from the command line.
- Show & set whether tracing is on or off – Tracing is essentially event logging for your wireless device. When you enable tracing with the command netsh wlan set tra yes , you will find the log of those traces in %WINDIR%\tracing\wireless
The netsh wlan command is a new and very useful command set for Windows Vista. With these commands, you can very easily add wireless profiles and connect to wireless networks from a command line and through scripts. For more information on the netsh wlan command set, please see Microsoft’s document entitled “