Network and Sharing Center Operations Guide

Network and Sharing Center Operations Guide

Microsoft Corporation

Published: October 2010

Authors: James McIllece, Dave Bishop, L. Joan Devraun

Editor: Scott Somohano

AbstractNetwork and Sharing Center provides a centralized location where you can view, create, and

modify local area network (LAN), wireless local area network (WLAN), virtual private network

(VPN), dial-up, and Broadband connections on your client and server computers. In addition, you

can configure connections to the local computer and sharing options that specify the content that

is available to other computers and devices on the network.

You can use this guide to administer Network and Sharing Center in Windows® 7, Windows

Server® 2008 R2, Windows Vista, and Windows Server 2008.

Please provide feedback about this guide using the star rating system on the web version of the

guide in the Windows Server 2008 and Windows Server 2008 R2 Technical Library, at

http://go.microsoft.com/fwlink/?linkid=63530.

http://go.microsoft.com/fwlink/?linkid=63530

This document supports a preliminary release of a software product that may be changed

substantially prior to final commercial release, and is the confidential and proprietary information

of Microsoft Corporation. It is disclosed pursuant to a non-disclosure agreement between the

recipient and Microsoft. This document is provided for informational purposes only and Microsoft

makes no warranties, either express or implied, in this document. Information in this document,

including URL and other Internet Web site references, is subject to change without notice. The

entire risk of the use or the results from the use of this document remains with the user. Unless

otherwise noted, the example companies, organizations, products, domain names, e-mail

addresses, logos, people, places, and events depicted herein are fictitious, and no association

with any real company, organization, product, domain name, e-mail address, logo, person, place,

or event is intended or should be inferred. Complying with all applicable copyright laws is the

responsibility of the user. Without limiting the rights under copyright, no part of this document may

be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by

any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose,

without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual

property rights covering subject matter in this document. Except as expressly provided in any

written license agreement from Microsoft, the furnishing of this document does not give you any

license to these patents, trademarks, copyrights, or other intellectual property.

© 2010 Microsoft Corporation. All rights reserved.

Microsoft, MS-DOS, Windows, Windows Server, Windows Vista, and Active Directory are either

registered trademarks or trademarks of Microsoft Corporation in the United States and/or other

countries.

References to any third-party products or their hardware identifiers are for illustrative purposes

only. These products are not endorsed by Microsoft Corporation.

All other trademarks are property of their respective owners.

Contents

Network and Sharing Center Operations Guide............................................................................10

In this guide............................................................................................................................... 10

Introduction to Administering Network and Sharing Center...........................................................10

When to Use This Guide...........................................................................................................10

How to Use This Guide..............................................................................................................11

What this guide does not provide...............................................................................................11

Best Practices for Administering Network and Sharing Center.....................................................12

Administer Network and Sharing Center.......................................................................................14

Start Network and Sharing Center................................................................................................15

Additional considerations....................................................................................................16

Manage Network Connections......................................................................................................16

Open the Network Connections folder and view available connections........................................17


Enable connection logging............................................................................................................18


Specify a default network connection............................................................................................19


Establish Network Connections....................................................................................................20

Create a Local Area Network (LAN) connection...........................................................................20

Connect to a network....................................................................................................................21

Connect to a network in Windows Vista and Windows Server 2008.............................................21





Connect to a network in Windows 7 and Windows Server 2008 R2.............................................26

Create a wireless network connection..........................................................................................27

Create a Wireless Network connection in Windows Vista and Windows Server 2008..................27

Make a connection to a wireless network that is visible and in range.................................27

Make a connection to a wireless network that is not visible................................................28

Create a Wireless Network connection in Windows 7 and Windows Server 2008 R2..................29

Create a Virtual Private Network (VPN) connection......................................................................30

Create a VPN connection in Windows Vista and Windows Server 2008......................................30


To create a VPN connection over a dial-up or broadband PPPoE connection....................32

Create a VPN connection in Windows 7 and Windows Server 2008 R2.......................................32

Create a dial-up or ISDN connection............................................................................................33

Create a dial-up or ISDN connection in Windows Vista and Windows Server 2008.....................33


Create a Broadband connection using PPPoE in Windows Vista and Windows Server 2008......34


Create a dial-up or ISDN connection in Windows 7 and Windows Server 2008 R2......................36

Configure Network Connections...................................................................................................37

Create a copy of a network connection.........................................................................................37

Enable or disable a network connection.......................................................................................37

Rename a network connection.....................................................................................................38


Configure Dial-up and ISDN network connections........................................................................38

Change How Windows Dials Phone Numbers..............................................................................39

Create a new dialing location........................................................................................................40


Change dialing properties for a location........................................................................................40


Specify area code rules................................................................................................................41


Specify numbers to dial an outside line.........................................................................................42


Create a new calling card.............................................................................................................43


Modify an existing calling card......................................................................................................44


Use a calling card to dial long distance.........................................................................................45


Specify a long distance carrier......................................................................................................46


Configure Dial-up Options.............................................................................................................47

Configure client callback options..................................................................................................47


Configure Autodial........................................................................................................................ 48

Enable multiple device dialing.......................................................................................................49


Configure phone number modifiers...............................................................................................50


Configure redial options................................................................................................................51


Configure Idle Time Before Disconnect.........................................................................................52


Assign multiple phone numbers to a connection...........................................................................52

Enable operator-assisted calls or manual dialing..........................................................................53


Start the Remote Access Auto Connection Manager Service.......................................................54

Configure VPN connections..........................................................................................................55

Configure VPN connections in Windows Vista and Windows Server 2008...................................55

Configure VPN connections in Windows 7 and Windows Server 2008 R2...................................56

Delete a network connection.........................................................................................................57

Delete a network connection in Windows Vista and Windows Server 2008..................................57


Delete a network connection in Windows 7 and Windows Server 2008 R2..................................58


View network connection status....................................................................................................59

View network connection status in Windows Vista and Windows Server 2008.............................60


View network connection status in Windows 7 and Windows Server 2008 R2.............................61


Configure Incoming Connections..................................................................................................62

Accept Incoming Network Connections........................................................................................62


Grant computer access privileges for an Incoming Connection....................................................64

Configure an Incoming Connection to use TCP/IP........................................................................65


Configure an Incoming Connection to use Callback.....................................................................67


Configure Network Protocols and Components............................................................................68

Configure TCP/IP settings.............................................................................................................68



Install additional network protocols or components......................................................................70


Enable or disable a network protocol or component.....................................................................71


Remove a network protocol or component...................................................................................72


Modify the protocol bindings and network provider order..............................................................73


Configure the Client for Microsoft Networks..................................................................................74

Configure Point-to-Point Protocol (PPP).......................................................................................75

Start or stop requesting LCP Extensions in PPP..........................................................................75


Enable or disable IP header compression in PPP.........................................................................76


Enable or disable software compression in PPP..........................................................................76

Enable or disable multilink for single link connections..................................................................77

Disconnect a wireless, dial-up, or VPN connection.......................................................................77

Disconnect from a network in Windows Vista and Windows Server 2008....................................78




Additional references..........................................................................................................80


Disconnect from a network in Windows 7 and Windows Server 2008 R2.....................................81

To disconnect from a network....................................................................................................81

Repair a LAN or High Speed Internet Connection........................................................................81

Repair a connection in Windows Vista and Windows Server 2008...............................................82


Repair a connection in Windows 7 and Windows Server 2008 R2...............................................82

Additional considerations.......................................................................................................83

Secure Network Connections.......................................................................................................84

Secure network connections in Windows Vista and Windows Server 2008..................................84

Configure identity authentication and data encryption settings.....................................................84

Enable smart card or other certificate authentication....................................................................86



Secure network connections in Windows 7 and Windows Server 2008 R2..................................87

Configure data encryption for a connection..................................................................................87

Configure Extensible Authentication Protocol (EAP) for connections...........................................89

Configuring Terminal and Scripting Options..................................................................................92

Use the Terminal feature to log on to a remote computer.............................................................93


Activate a logon script................................................................................................................... 93

Manage Network Discovery, File and Printer Sharing...................................................................94

Configure Sharing and Discovery in Windows Vista and Windows Server 2008..........................95





Configure Sharing and Discovery in Windows 7 and Windows Server 2008 R2...........................97

Manage the Network Icon, Network Location, and Network Map.................................................99

Review Network and Sharing Center icons...................................................................................99

Display the Network Map............................................................................................................100

Additional considerations..................................................................................................101

Configure network icon animation in Windows Vista and Windows Server 2008........................101


Enable or disable notification of new networks...........................................................................101

Specify a network location for an active network in Windows 7 and Windows Server 2008 R2..102

Turn off the Network Location wizard..........................................................................................103

Customize networks in Windows Vista and Windows Server 2008.............................................104

Display or hide the network icon in the notification area.............................................................105

Display or hide the network icon in Windows Vista and Windows Server 2008..........................105


Display or hide the network icon in Windows 7 and Windows Server 2008 R2..........................106


Configure Network and Sharing Center for a Managed Network................................................107

Configure network connection restrictions with Group Policy.....................................................107

Enable or disable File Sharing with Group Policy.......................................................................109


Enable or disable Internet Connection Sharing with Group Policy..............................................110


Enable or disable Network Bridge with Group Policy..................................................................111


Use the Network Configuration Operators group........................................................................112


Configure the Network Map........................................................................................................113

Enable or disable the LLTD Mapper I/O with Group Policy.........................................................114


Enable or disable the LLTD Responder with Group Policy..........................................................115


Install the LLTD Responder on a computer running Windows XP...............................................116


Additional Resources..................................................................................................................117

Additional references...............................................................................................................117

Network and Sharing Center Operations Guide

This guide provides information about administering the Network and Sharing Center in

Windows® 7, Windows Server® 2008 R2, Windows Vista®, and Windows Server® 2008.

Unless otherwise specified, the procedures in this guide apply to all operating system

versions listed above.

Network and Sharing Center provides a centralized location where you can view, create, and

modify local area network (LAN), wireless local area network (WLAN), virtual private network

(VPN), dial-up, and Broadband connections on your client and server computers. In addition, you

can configure connections to the local computer and sharing options that specify the content that

is available to other computers and devices on the network; and you can use Network and

Sharing Center tools like Network Map and Network Location to view and specify additional

settings about networks and network profiles.

In this guideYou can use the tasks and information in the following sections to administer Network and

Sharing Center.

Introduction to Administering Network and Sharing Center

Best Practices for Administering Network and Sharing Center

Administer Network and Sharing Center

Additional Resources

Introduction to Administering Network and Sharing Center

This guide explains how to administer Network and Sharing Center during the operations phase

of the information technology (IT) life cycle. If you are not familiar with this guide, you can review

the following sections of this introduction for an overview of the guide, its contents, and how and

when the guide is useful.

When to Use This GuideYou can use this guide when:

Note

You want to create, configure, or manage a network connection to a wireless or remote network.

You want to configure network parameters, connections, and features for client computers that are deployed on a managed network.

This guide includes management-level knowledge that is relevant to different roles within an IT

organization, including the roles of IT operations managers and administrators.

In addition, this guide contains more detailed procedures that are designed for operators who

have varied levels of expertise and experience. Although the procedures provide operator

guidance from start to finish, operators must have a basic proficiency with the Microsoft

Management Console (MMC) and snap-ins and know how to start administrative programs and

access the command line. If operators are not familiar with Network and Sharing Center, it might

be necessary for IT planners or IT managers to review the relevant operations in this guide and

provide the operators with parameters or data that must be entered when the operation is

performed.

How to Use This GuideThe operations areas are divided into the following types of content:

Objectives are high-level goals for managing, monitoring, optimizing and securing Network Center. Each objective consists of one or more high-level tasks that describe how the objective is accomplished. In this guide, Manage Network Connectionsis an example of an objective.

Tasks are used to group related procedures and provide general guidance for achieving the goals of an objective. In this guide, Connect to a network is an example of a task.

Procedures provide step-by-step instructions for completing tasks. In this guide, Display the Network Map is an example of a procedure topic.

If you are an IT manager who is delegating tasks to operators within your organization, you might

want to:

Read through the objectives and tasks to determine how to delegate permissions and whether you need to install tools before operators perform the procedures for each task.

Ensure that you have all the tools installed where operators can use them before assigning tasks to individual operators.

Create “tear sheets” for each task that operators perform in your organization, as needed. You can copy and paste the task and its related procedures into a separate document, and then either print these documents or store them online, depending on your requirements.

What this guide does not provideThis guide does not provide conceptual information about networking technologies.

For security reasons, specific network features included with Windows are not installed by

default. Install these features only if you need to use them, because they open additional network

ports through the firewall, and increase the exposure of your computer to others on the network.

In addition, these technologies are not installed using Network and Sharing Center and are not

documented in this guide:

Internet Information Services (IIS), which includes a Web and FTP server

LPD and LPR Print services for printing to and from UNIX-based computers

RIP Listener, which supports Routing Information Protocol version 1

Services for NFS, which supports file sharing to and from UNIX-based computers

Simple TCP/IP services, which provide miscellaneous network features

Simple Network Management Protocol (SNMP), a common network management protocol

Telnet Client and Server, which are common protocols used to access remote computers

Trivial File Transfer Protocol (TFTP), a non-secure file transfer protocol

To install these Windows features in Windows 7 and Windows Vista, open Control Panel,

click Programs, click Programs and Features, and then click Turn Windows features

on and off. To install these Windows features in Windows Server 2008 R2 and Windows

Server 2008, use Server Manager.

Best Practices for Administering Network and Sharing Center

The following best practices simplify operations and ease administration of the network

connections on your computer:

If you are an administrator, do not give other users network access until you have turned off the Network Location Wizard either for your network, or for a specific user, by creating a new registry entry.

Standard users cannot change the network location. Unless your network is part of a domain,

the default setting for your network is Public location. If your network is not part of a domain,

the Public location setting is recommended.

For more information, see Start Network and Sharing Center.

When using multiple network adapters, rename each local area network connection.

Windows detects network adapters and automatically creates a local area connection in the

Network Connections folder for each network adapter. If more than one network adapter is

installed, you can eliminate possible confusion by immediately renaming each local area

connection to reflect the network to which it connects.

For more information, see Rename a network connection.

Verify required connection settings for your network adapter.

Note

If your network administrator or Internet service provider (ISP) requires static settings, you

might need one or more of the following:

A specific IPv4 or IPv6 address.

One or more Domain Name Service (DNS) addresses.

A DNS domain name.

A default gateway address.

One or more Windows Internet Name Service (WINS) addresses (for IPv4 networks only).

Dynamic Host Configuration Protocol (DHCP) is enabled by default. This gets your IP

address and other configuration information automatically from a service on your network.

Automated IP settings are used for all connections, and they eliminate the need to configure

settings such as DNS, WINS, and so on.

For more information about enabling DHCP, see Configure TCP/IP settings.

Create dial-up, VPN, or broadband connections by using the Set up a Connection or Network page.

After you create a connection, you can copy the connections, rename them and modify the

connection settings. By doing so, you can easily create different connections to

accommodate multiple modems, ISPs, dialing profiles, and so on.

For more information, see Create a copy of a network connection.

Specify the order in which network providers and protocols are accessed.

By changing the order of protocols bound to network providers, you can improve

performance. On many networks, you will use only TCP/IPv4. However, as you introduce

TCP/IPv6 to your network, you can move Internet Protocol Version 6 (TCP/IPv6) to the top

of the File and Printer Sharing for Microsoft Networks and the Client for Microsoft

Networks bindings on the Adapters and Bindings tab.

For more information about modifying the order of protocol bindings, see Modify the protocol

bindings and network provider order.

Only install and enable the network protocols that you need.

Limiting the number of protocols on your computer enhances its performance and reduces

network traffic. Other protocols might be available to you. Install only those required for your

computer to communicate with the hosts you need.

If your computer encounters a problem with a network or dial-up connection, it attempts to

establish connectivity by using every network protocol that is installed and enabled. By only

installing and enabling the protocols that your computer can use, the operating system does

not attempt to connect with protocols it cannot use, and returns status information to you

more efficiently.

For more information, see Enable or disable a network protocol or component.

If Windows does not support your modem make and model, check the manufacturer's Web site for the latest installation or .inf file.

The installation files, particularly for new modems, are often added or updated by

manufacturers. If you cannot find your modem listed in Windows, look in the manufacturer's

documentation to determine whether the modem has the same characteristics as another

supported modem.

Before you connect to another computer or online service provider, check the hardware settings for your modem.

The data connection parameters for two modems need to be identical for them to connect

successfully. Refer to the documentation provided by your service provider for the correct

settings. Typical settings are:

Data bits: 8

Parity: None

Stop bit: 1

Most service providers use these settings. If these do not work, try seven data bits, even

parity, and one stop bit. A few online service providers use these settings. Other settings are

extremely rare.

Administer Network and Sharing Center

Network and Sharing Center provides a central location where you can administer network

connections and sharing on your computer. You can use the following sections to create, view,

modify, and delete network connections of all types, including local area network (LAN), wireless

local area network (WLAN), virtual private network (VPN), dial-up, and broadband. In addition,

you can use other Network and Sharing Center features to view and manage network parameters

and sharing.

The procedures in this guide do not include instructions for cases in which the User

Account Control dialog box opens to request your permission to continue. If this dialog

box opens while you are performing the procedures in this guide, and if the dialog box

was opened in response to your actions, click Continue.

This section includes the following tasks and procedures for administering Network and Sharing

Center:

Start Network and Sharing Center

Manage Network Connections

Manage Network Discovery, File and Printer Sharing

Manage the Network Icon, Network Location, and Network Map

Configure Network and Sharing Center for a Managed Network

Note

Start Network and Sharing Center

You can use this procedure to start Network and Sharing Center.

Any user account can be used to complete this procedure. Review the details in "Additional

considerations" in this topic.

You can use the following methods to start Network and Sharing Center:

To start Network and Sharing Center by using Control Panel

To start Network and Sharing Center from the taskbar notification area

To start Network and Sharing Center from a command prompt

1. Click Start, and then click Control Panel.

2. For Windows 7 and Windows Server 2008 R2, do one of the following:

In Control Panel, in Adjust your computer’s settings, when View by is set to Category, click Network and Internet, and then click Network and Sharing Center.

In Control Panel, in Adjust your computer’s settings, when View by is set to either Large icons or Small icons, click Network and Sharing Center.

3. For Windows Vista and Windows Server 2008, do one of the following:

If you use the Control Panel Home view, under the Network and Internet section, click View network status and tasks.

If you use the Classic View, double-click Network and Sharing Center.

1. Right-click the Network icon in the taskbar notification area.

2. Do one of the following:

In Windows 7 and Windows Server 2008 R2, click Open Network and Sharing Center.

In Windows Vista and Windows Server 2008, click Network and Sharing Center.

1. Click Start, click All Programs, click Accessories, and then click Command Prompt. The command prompt window opens.

2. In command prompt, type the following command, which is not case sensitive, and then press ENTER:

control.exe /name Microsoft.NetworkAndSharingCenter

Additional considerations Although a standard user can start the Network and Sharing Center and perform some tasks,

many configuration changes can only be made by an administrator or a member of the

To start Network and Sharing Center by using Control PanelTo start Network and Sharing Center from the taskbar notification areaTo start Network and Sharing Center from a command prompt

Network Configuration Operators group. See the group membership requirements documented in each procedure in this guide.

Manage Network Connections

You can use the following sections to create, configure, and manage network connections.

Network connections provide you with the ability to connect your computer to both local and

remote networks. Local networks can be wired local area networks (LANs) or wireless local area

networks (WLANS). Remote networks can include virtual private networks (VPNs), networks

deployed with dial-up servers that you access with a phone line and a modem, and Broadband

networks that you access with an ISDN adapter.

When you create a connection to a wireless, dial-up, broadband, or VPN network,

Windows stores the configuration in a connection profile. By default, these profiles are

stored in the file RASPhone.pbk found in %userprofile%\AppData\Roaming\Microsoft\

Network\Connections\PBK. After you create a connection profile, you can then connect

to the network that is defined by the profile.

This section includes the following tasks

Open the Network Connections folder and view available connections

Enable connection logging

Specify a default network connection

Establish Network Connections

Configure Network Connections

Configure Incoming Connections

Configure Network Protocols and Components

Disconnect a wireless, dial-up, or VPN connection

Repair a LAN or High Speed Internet Connection

Secure Network Connections

Open the Network Connections folder and view available connections

You can use this procedure to open the Network Connections folder to view all defined network

connections and their current status.

With the Network Connections folder, you can:

See each connection displayed with a graphical icon that conveys status information about that connection. For more information, see Review Network and Sharing Center icons

Note

View the status of active network connections.

Configure network connection properties.

When in the Network Connections folder, you can right-click any of the icons to:

Connect to or Disconnect from a network.

Specify a Default connection. The default connection is the one that Windows attempts to start whenever it needs to access the network, and no connection is currently active.

Display the Status page for an active connection.

Diagnose problems with an active connection.

Display the Properties page to configure the connection.

Rename a connection.

Create a Copy of a connection.



1. Start Network and Sharing Center.


In Windows 7 and Windows Server 2008 R2, in the Tasks pane, click Change adapter settings.

In Windows Vista and Windows Server 2008, in the Tasks pane, click Manage network connections.

Additional considerations Although a standard user can start the Network Connections folder and perform some tasks,

many configuration changes can only be made by an administrator or a member of the Network Configuration Operators group. See the group membership requirements documented in each procedure in this guide.

Enable connection logging

You can use this procedure to turn on diagnostic logging for your remote network connections.

This can help in troubleshooting difficulties in connecting to the networks by exposing more

details of the traffic than are provided in the user interface.

Membership in the local Administrators group, or equivalent, is the minimum required to

complete this procedure.

1. Open the Network Connections folder and view available connections.

To open Network Connections To enable diagnostic logging for your network connections

2. Press ALT to display the menu bar.

3. On the Advanced menu, click Remote Access Preferences.

4. On the Diagnostics tab, do one or more of the following:

To enable logging for all remote access connections, select the Enable logging check box. After making one or more attempts to connect to the remote network, return to this dialog box, and then click Generate report.

To clear logs created during previous connection attempts, click Clear Log. To generate a report, click Generate Report.

5. If you clicked Generate Report in the previous step, do one of the following:

To view the diagnostic report, click View report.

To save the report to a file, click Save report to this file, and specify the location and the name of the file you want to create. Specify the location by typing it or by clicking Browse, and then browsing to the location you want.

To send the report to an e-mail address, click Send report to this e-mail address, and then type the e-mail address to which you want to send the report.

To quickly generate a more concise report, select the Generate summary report check box.

6. Click OK to generate the report you requested.

Additional considerations Creating a diagnostic report in HTML can take several minutes. If you need only configuration

and installation information, you can create a summary report.

Specify a default network connection

You can use this procedure to specify one of your network connections as the default connection.

The default connection is started whenever Windows needs to communicate with another

computer on the network, and a connection is not currently available.

Any user account can be used to complete this procedure.

You can use the following methods to configure a default network connection:

To specify a default connection by using the Network Connections folder

To specify a default connection by using Internet Options


2. Right-click the VPN or dial-up connection, and then click Set as Default Connection.

To specify a default connection by using the Network Connections folder

1. Open Internet Explorer.

2. On the Tools menu, click Internet Options.

3. Click the Connections tab.

4. On the Connections tab, in Dial-up and Virtual Private Network settings, select either Dial whenever a network connection is not present or Always dial my default connection.

5. In the list box, select the connection that you want to make the default, and then click Set default.

If Windows needs, but cannot find a usable connection, then it will offer to dial the default connection for you when you select Dial whenever a network connection is not present.

Windows does not use any existing active connections unless it is your default connection when you select Always dial my default connection. If the default connection is not already connected, then Windows offers to initiate a connection using the default.

Whenever Windows attempts to connect automatically it displays the Dial-up Connection dialog box, with your default connection selected in the Connect to list. If you want Windows to always dial your default connection without prompting you from now on, select the Connect automatically check box, and then click Connect.

Additional considerations You can specify locations for which autodial does or does not work. For more information, see

Configure Autodial.

Establish Network Connections

Windows automatically installs and configures local area network (LAN) adapters; however there

are several other ways to connect to other networks. Windows supports direct LAN connections

and WLAN connections as well as connections that are started only when required, such as

connections to remote networks using VPN, dial-up, or Broadband connections.

Before you can connect to a network, you must provide the required information for Windows to

successfully communicate and authenticate with the access server that provides the access to

the network.

To complete this task, you can perform the following procedures:

Create a Local Area Network (LAN) connection

Connect to a network

Create a wireless network connection

Create a Virtual Private Network (VPN) connection

Create a dial-up or ISDN connection

To specify a default connection by using Internet OptionsNotes

Create a Local Area Network (LAN) connection

If your computer has a network adapter that is connected to a local area network, you do not

need to manually create a LAN connection, because Windows automatically creates and

configures the connection when you start your computer.

After Windows detects your network adapter, Windows creates and starts a network connection

that is configured by default with Transmission Control Protocol/Internet Protocol (TCP/IP)

versions 4 and 6 enabled. In addition, Windows configures the LAN connection as a Dynamic

Host Configuration Protocol (DHCP) client that obtains network parameters, such as an Internet

Protocol (IP) address and default gateway IP address, from a DHCP server.

If you do not have a DHCP server on your local subnet or on another subnet with all intermediary

network hardware, such as routers and switches, configured to allow the forwarding of DHCP

broadcast messages, you must configure the local area connection manually.

If you have more than one network adapter installed in your computer, you can eliminate possible

confusion by renaming each connection to reflect the network to which it connects. For more

information, see Rename a network connection.

To enable or disable a LAN connection, see Enable or disable a network connection.

To view the status of a LAN connection, see View network connection status.

Connect to a network

You can use the following sections to learn how to connect to a remote network using Network

and Sharing Center.

Connect to a network in Windows Vista and Windows Server 2008

Connect to a network in Windows 7 and Windows Server 2008 R2

Connect to a network in Windows Vista and Windows Server 2008

You can use this procedure to connect a computer that is running Windows Vista or Windows

Server 2008 to a network using a wireless, wired, VPN, or dial-up connection. After you establish

the connection, you can access resources on the remote network according the permissions that

are granted to you by the administrator on that network.

Connections that appear in the Connect to a network page include:

Wireless networks. Windows does not automatically connect your computer to a wireless network until you configure the connection with any required security information, and then specify that the network is to be connected automatically.

Dial-up and VPN connections that you have defined. Windows connects to these networks only when you specify the connection type. You can configure one of your dial-up or VPN networks as a default auto-dial network.

Connections created with the Connection Manager Administration Kit (CMAK). These are administrator created and distributed connection profiles that can include advanced security features and customization for a specific organizational network. For more information about CMAK, see Additional Resources.


You can use the following methods to connect to a remote network:

To connect to a network by using the Windows interface

To connect to a wireless network by using a command prompt

To connect to a dial-up network by using a command prompt

To connect to a VPN by using a command prompt

Right-click the Network icon ( ) in the notification area, and then click Connect to a network.

2. Filter the list of connections to include only those of the type you want by selecting the type from the Show list. You can select Wireless, Dial-up and VPN, or All.

3. Select your connection in the list of available connections.

4. Click Connect.

5. If the connection you select requires additional information, such as a user ID and password, or a Wired Equivalency Privacy (WEP) or Wi-Fi Protected Access (WPA) security key, Windows prompts you for the required information. After you supply all required information, the connection is completed.

Additional considerations You can also start the Connect to a network page by clicking Start, and then clicking

Connect To.

If you just created the connection, you might need to click the Refresh button located above and to the right of the list of available connections.

If you are prompted for credentials, and you want to log on to a domain, type your user name and the domain name in one of two ways:

To connect to a network by using the Windows interface

Your user principal name prefix (your user name) and your user principal name suffix (your domain name), joined by the "at" symbol (@). For example, [email protected].

Your domain name and your user name, separated by the backslash (\) character. For example, sales\user.

Note that the suffix in the first example is a fully-qualified Domain Name System (DNS)

domain name. Your administrator might have created an alternative suffix to simplify the

logon process. For example, creating a user principal name suffix of "contoso" allows the

same user to log on by using the much simpler [email protected].

Instead of having to type your domain name, you can also configure your connection to

include your logon domain in the Connect ConnectionName dialog box, as follows:

a. Click Properties if the button is enabled.

b. On the Options tab, select the Include Windows logon domain check box.

After connecting to a remote network, you might not be able to see all computers on your local

network. This is because after you connect, your remote connection becomes your default path

for network routing. Consequently, you see computers on the remote network, and you see other

computers on the same LAN segment to which your computer is connected. But you cannot

communicate by using computers on networks that were previously reached through a router on

your local LAN.

You can use the netsh command to connect to and disconnect from wireless networks for which

you have defined profiles.

At a command prompt, type the following, and then press ENTER:

netsh wlan connect profilename [ssid=ssid] [interface=placeholder]

Parameter Description

profilename Specifies the profile name of the wireless

network connection. To see a list of the

currently available profiles, type:

Netsh wlan show profiles

ssid=ssid Specifies the Service Set Identifier (SSID)

of the wireless network. This parameter is

only required if the profile contains more

than one SSID. The SSID is the identifier for

the wireless network to its clients. All

networks within range of each other must

have unique SSIDs, or else clients will have

difficulty connecting.

To connect to a wireless network by using a command prompt


interface=interface Specifies the interface to use to connect to

the wireless network. This parameter is only

required if more than one wireless network

adapter is available on the computer. To see

a list of the available interfaces, type:

Netsh wlan show interfaces

Formatting legend

Format Meaning

Italic Information that the user must supply

Bold Elements that the user must type exactly as

shown

Between brackets ([]) Optional items

Additional considerations To open a command prompt, click Start, click All Programs, click Accessories, and then

click Command Prompt.

You can use the rasdial command to connect to and disconnect from dial-up connections to

remote networks for which you have defined profiles.


rasdial ProfileName [user name [password|*]] [/domain:domain]

[/phone:PhoneNumber] [/callback:CallbackNumber] [/phonebook:PhoneBookFile]

[/prefixsuffix]


ProfileName Specifies the profile name of the remote network connection.

user name [password|

*]

Specifies a user name and password with which to connect. If an

asterisk is used, the user is prompted for the password, but

Windows does not display the characters typed.

/domain:domain Specifies the domain in which the user account is located.

To connect to a dial-up network by using a command prompt


/phone:PhoneNumber Substitutes the specified phone number for the phone number

included in the profile.

/

callback:CallbackNum

ber

Substitutes the specified callback number for the callback number

included in the profile.

/

phonebook:PhoneBo

okFile

Specifies the path to the file containing the profile. When you

create a connection profile, Windows stores it at %userprofile%\

appdata\roaming\microsoft\network\connections\pbk\

rasphone.pbk, which is the default path if you do not specify this

parameter.

/prefixsuffix Applies the current dialing location rules to the phone number.

These settings are configured in Phone and Modem Options,

which is located in Control Panel. This option is not enabled by

default. For more information about dialing rules, see Change

How Windows Dials Phone Numbers.

Formatting legend

Format Meaning



shown


Additional considerations To start a command prompt, click Start, click All Programs, click Accessories, and then


If you are using Connection Manager profiles that were created by using the Connection Manager Administration Kit (CMAK), these profiles cannot be started from a command prompt. CMAK profiles cannot be started from a command prompt because specific features of a CMAK profile can require user interaction through a graphical interface.

You can use the rasdial command to connect to and disconnect from VPN connections to remote

networks for which you have defined profiles.


rasdial ProfileName [user name [password|*]] [/domain:domain] [/phone:FQDNorIP]

[/phonebook:PhoneBookFile]

Value Description

ProfileName Specifies the profile name for the connection to the remote

network.

user name [password|

*]

Specifies a user name and password with which to connect. If an

asterisk is used, the user is prompted for the password, but

Windows does not display the characters typed.

/domain:domain Specifies the domain in which the user account is located.

/phone:FQDNorIP Substitutes the specified fully qualified domain name or IP

address for the name or address included with the profile.

/

phonebook:PhoneBo

okFile

Specifies the path to the file containing the profile. When you

create a connection profile, Windows stores it at %userprofile%\

appdata\roaming\microsoft\network\connections\pbk\

rasphone.pbk, which is the default path if you do not specify this

parameter.

Formatting legend

Format Meaning



shown


Additional considerations To open a command prompt:

On Windows Vista, click Start, click All Programs, click Accessories, and then click Command Prompt. You can also type cmd in the Start Search box.

On Windows Server 2008, click Start, and then click Run.

Connection profiles created with CMAK cannot be started at a command prompt. Specific features of a CMAK profile can require interaction from the user through a graphical interface.

To connect to a VPN by using a command prompt

Connect to a network in Windows 7 and Windows Server 2008 R2

You can use this procedure to connect a computer that is running Windows 7 or Windows

Server 2008 R2 to a network using a wireless, wired, VPN, or dial-up connection. After you

establish the connection, you can access resources on the remote network according the

permissions that are granted to you by the administrator on that network.


1. Click the Network icon in the notification area. The Currently connected to dialog box opens.

2. In Currently connected to, click the network connection to which you want to connect, and then click Connect.

3. If the connection you select requires additional information, such as a user ID and password, or a Wired Equivalency Privacy (WEP) or Wi-Fi Protected Access (WPA) security key, Windows prompts you for the required information. After you supply all required information, the connection is completed.

You can also connect to a network by using commands at the command prompt.

To connect to a wireless network, use the netsh wlan connect command. For more information, see Netsh Commands for Wireless Local Area Network (WLAN) in Windows Server 2008 R2 at http://go.microsoft.com/fwlink/?LinkId=201598.

To connect to a dial-up or VPN network for which you have defined profiles, you can use the rasdial command. For more information, see Rasdial at http://go.microsoft.com/fwlink/?LinkId=201597.

Create a wireless network connection

You can use the following procedures to create a connection to a wireless network. Windows fully

supports wireless network adapters that conform to the standard network specifications, including

IEEE 802.11.

By default, wireless network adapters are automatically enabled upon installation, and start

listening for wireless networks that are within range. For security reasons, when an adapter

discovers a wireless network, the adapter does not automatically connect to the network. To

initially connect to any wireless network, you must follow one of the procedures in this section to

To connect to a network

http://go.microsoft.com/fwlink/?LinkId=201597



create the wireless network connection. After the first connection to the new network, you can

configure Windows to connect to the network automatically when the network is in range.

You can use the following topics to connect to a wireless network.

Create a Wireless Network connection in Windows Vista and Windows Server 2008

Create a Wireless Network connection in Windows 7 and Windows Server 2008 R2

Create a Wireless Network connection in Windows Vista and Windows Server 2008

You can use this procedure to create a connection to a wireless network.


You can make a connection to the following types of wireless networks:

To a network that is visible and in range

To a network that is not visible

Make a connection to a wireless network that is visible and in range

Most wireless network access points can be configured to broadcast its Service Set Identifier

(SSID) or to not broadcast it. If a wireless access point is broadcasting, then Windows can

discover it, determine the security requirements, and if you choose, connect to it.

Right-click the Network icon ( ) in the notification area.

2. Click Connect to a network.

Windows displays the Connect to a network dialog box that lists all compatible wireless

networks within range. If the one you are looking for is not listed, you can click the

Refresh button in the upper right of the dialog box to try searching again. If there are

several network connections defined on your computer, or several wireless networks

within range, you might need to scroll up to see the network for which you are looking.

3. Select the network to which you want to connect, and click Connect.

4. If it is an unsecured network, that is a network not using Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or another supported encryption protocol, then Windows asks you to confirm that you want to connect to that network.

Click Continue Anyway if you do want to connect.

Click Connect to a different network to return to step 3.

5. If the network requires it, Windows prompts you for the security key needed to complete the connection. Enter the key and click Connect.

6. Windows displays the confirmation message that you successfully connected to the network, or if it could not connect, gives you the option to either Diagnose the problem,

To connect to a network that is visible and in range

or Connect to a different network.

Make a connection to a wireless network that is not visible

If a wireless network access point is not broadcasting its SSID, then Windows cannot display the

network in the list of networks within range. You can still connect to it by manually entering the

SSID and security information.


2. Click Connect to a network.

Your wireless network does not appear in the list, because its SSID is not being

broadcast.

3. Click Set up a connection or network.

4. On the Choose a connection option page, select Manually connect to a wireless network, and click Next.

Windows displays the Enter information for the wireless network you want to add

page.

5. In the Network name box, enter the SSID of the network.

6. From the Security type list, select the type of security used by the network.

7. From the Encryption type list, select the type of encryption used by the network. The choices available in this list are determined by the selection you made in the previous step.

8. If the security and encryption types you specified require it, the Security key/Passphrase text box is enabled. Enter the key or phrase used by your network. If you wish to see the key or phrase as you type it, click Display characters.

9. If you want your computer to connect to this network whenever it is within range, then check Start this connection automatically.

10. If the network is not broadcasting its SSID, then you need to check Connect even if the network is not broadcasting.

11. Click Next.

Windows indicates that it created your connection, and gives you the option to either start

the connection or to change the configuration settings for the connection.

Create a Wireless Network connection in Windows 7 and Windows Server 2008 R2

You can use this procedure to create a connection to a wireless network.

To connect to a network that is not visible


1. Click the Network icon in the task bar notification area. The Connections are available dialog box opens.

2. In Connections are available, ensure that Wireless Network Connection is expanded to reveal the list of available wireless networks. Click the name of the wireless network to which you want to connect. For example, if you want to connect to the Example wireless network, click Example. Click Connect. Depending on whether the wireless network is a secure or unsecured network:

If you are connecting to an unsecured network, the connection succeeds and you can begin to use the wireless network.

If you are connecting to a secured network where a security key is required, the Connect to a network dialog box opens. In Connect to a network, in Security key, type the security key, and then press ENTER.

Create a Virtual Private Network (VPN) connection

You can use the following procedures to create a VPN connection to a remote network. A VPN

connection is a method for allowing a computer to access a secured remote network by using a

non-secure network, such as the Internet, that lies between them.

The remote network requires a VPN server computer that has two network connections: one to

the public network and one to the secured network. Microsoft provides VPN server functionality in

the Routing and Remote Access server role that is included with Windows Server.

The client computer on the Internet, which is the VPN client, establishes a connection to the VPN

server, and the two computers encrypt all data transmitted between them. When the VPN server

receives a packet from the VPN client, it decrypts the packet and then retransmits it on the secure

network. Traffic that is sent from hosts on the secured network to the VPN client pass through the

VPN server computer, which encrypts the information before transmitting it to the VPN client over

the public network.

You can use the following sections to create a VPN connection.

Create a VPN connection in Windows Vista and Windows Server 2008

Create a VPN connection in Windows 7 and Windows Server 2008 R2

To create a wireless connection

Create a VPN connection in Windows Vista and Windows Server 2008

You can use this procedure to create a VPN connection to a remote network. A VPN connection is

a method for allowing a computer to access a secured remote network by using a non-secure

network, such as the Internet, that lies between them.



You can use the following methods to create a VPN connection:

To create a VPN Connection over a LAN connection and the Internet

To create a VPN connection over a dial-up or broadband PPPoE connection


2. On the Tasks pane, click Set up a connection or network.

3. In the list, select Connect to a workplace, and then click Next.

4. On the Choose a connection option page, click Set up a virtual private network (VPN) connection, and then click Next.

5. On the How do you want to connect page, click Use my Internet Connection (VPN).

6. In the Internet address text box, type the host name, IPv4 address, or IPv6 address of the remote VPN server.

7. In the Destination name text box, type the name for this connection that you want displayed in Network and Sharing Center.

8. If the remote VPN host supports smart card authentication, then select Use a smart card.

9. If this connection can be used by any user on this computer, then select Allow other people to use this connection.

10. If you do not want to connect right now, then select Don't connect now; just set it up so I can connect later. If you leave this check box unselected, then the computer attempts to complete the connection as soon as you finish configuring the connection.

11. Click Next.

12. In the User name, Password, and Domain text boxes, enter the credentials that grant you access to the remote network.

13. If you want the computer to remember these credentials and for each time you connect, then select Remember this password.

14. Windows saves your network configuration so that it is available for use from the Connect to menu.

To create a VPN Connection over a LAN connection and the Internet

15. Click Next.

One of the following results occur:

If you did select the Don't connect now check box, then Windows displays a page that indicates that your connection is ready to use. You can use the connection by clicking the Connect to my workplace now link, or click Close.

If you did not select the Don't connect now check box, then Windows immediately attempts to connect to the network.

Additional considerations VPN connections are blocked by default by many software and hardware firewall products.

Make sure that any firewall software you run on this computer is configured to allow VPN connections. Also, configure any firewall components on your network to allow VPN traffic to pass through. For more information, see the documentation provided with your firewall software or hardware device.

To make the connection available to all users, you must be logged on as a member of the Administrators group or the Network Configuration Operators group.

You can create multiple VPN connections by copying them in the Network Connections folder. You can then rename the connections and modify connection settings. By doing so, you can easily create different connections to accommodate multiple hosts, security options, and so on. For more information, see Create a copy of a network connection and Rename a network connection.


Creating a VPN connection over a dial-up or PPPoE connection involves creating the dial-up or

PPPoE connection and VPN connection separately, and then configuring the VPN connection to

use the dial-up or PPPoE connection instead of the Internet.

When you follow this procedure, you still have two connections listed in the Network Connections

folder, but you only have to start the VPN connection. Windows starts the dial-up or PPPoE

connection for you first, and then establishes the VPN connection in addition to the dial-up or

PPPoE connection.

You might want to consider naming your VPN connection in a way that indicates to you that it will

start a dial-up or PPPoE connection.

1. Create a dial-up or ISDN connection in Windows Vista and Windows Server 2008 or Create a Broadband connection using PPPoE in Windows Vista and Windows Server 2008.

2. Follow the procedure Make a VPN connection over a LAN connection and the Internet above to create a VPN connection over the Internet.

3. After you have created both connections, open the Network Connections folder.

4. Right-click your VPN connection, and then click Properties.


5. In the First connect box, select Dial another connection first, and then select your dial-up or PPPoE connection in the list.

6. Click OK.

Create a VPN connection in Windows 7 and Windows Server 2008 R2

You can use this procedure to create a VPN connection to a remote network. A VPN connection is

a method for allowing a computer to access a secured remote network by using a non-secure

network, such as the Internet, that lies between them.


1. Click the Network icon in the task bar notification area, and then click Open Network and Sharing Center. Network and Sharing Center opens.

2. In Change your network settings, click Set up a new connection or network. The Set up a new connection or network wizard opens.

3. Follow the steps in the Set up a new connection or network wizard, selecting or typing all relevant VPN options, including either the IP address or fully qualified domain name of the VPN server to which you want to connect, and then click Create.

To modify the properties of a VPN connection after you’ve created it, click the Network

icon, right-click the VPN connection, and then click Properties. The VPN Connection

Properties dialog box opens, and you can modify the VPN connection.

Create a dial-up or ISDN connection

You can use the following procedures to create a dial-up networking connection that uses your

modem or Integrated Services Digital Network (ISDN) adapter.

Create a dial-up or ISDN connection in Windows Vista and Windows Server 2008

Create a Broadband connection using PPPoE in Windows Vista and Windows Server 2008

Create a dial-up or ISDN connection in Windows 7 and Windows Server 2008 R2

To create a VPN connectionNote

Create a dial-up or ISDN connection in Windows Vista and Windows Server 2008

You can use this procedure to create a dial-up networking connection that uses your modem or

Integrated Services Digital Network (ISDN) adapter.




2. In the Tasks pane, click Set up a connection or a network.

3. Click Set up a dial-up connection, and click Next.

4. If you have more than one modem installed, click the modem you want to use for this connection. If you want to use multiple device dialing, select one modem for now, and after completing this procedure, see Enable multiple device dialing.

5. In the Dial-up phone number text box, type the phone number for your Internet service provider (ISP).

6. To configure the rules Windows uses to determine how to dial the number, click Dialing Rules. For more information, see Change How Windows Dials Phone Numbers.

7. In the User name and Password text boxes, enter the user name and password provided by your ISP. You can click Show characters to ensure that you type the password correctly.

8. If you want Windows to save these credentials for each time you start this connection, select the Remember this password check box.

9. Type a connection name.

The connection name will appear in the Network and Sharing Center when this

connection is active, and in the Network Connections folder.

10. If your computer is shared by two or more people who have their own user accounts on your computer, you can allow them to use the connection by checking the Allow other people to use this connection check box. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

11. When you have finished entering all of the information, click Connect.

12. Windows attempts to connect and test your connection. If you do not want to connect now, click Skip.

13. If the connection test is not completed or fails, you can diagnose the problem. If you want to skip the test, click Set up the connection anyway.

14. Click Close.

15. The connection appears in the Network Connections folder.

To create a dial-up network connection by using a modem or ISDN adapter

Additional considerations To make the connection available to all users, you must be logged on as a member of the

Administrators group or the Network Configuration Operators group.

In addition to configuring the dialing rules for your location, you might also have to configure modem properties to correctly reach the dial tone for your location.

Create a Broadband connection using PPPoE in Windows Vista and Windows Server 2008

You can use this procedure to create a connection to the Internet through a cable or digital

subscriber line (DSL) modem that uses Point-to-Point Protocol over Ethernet (PPPoE).




2. In the Tasks pane, click Set up a connection or network.

3. On the Choose a connection option page, select Connect to the Internet, and then click Next.

4. If you already have another connection to the Internet active, the You are already connected to the Internet page appears. Click Set up a new connection anyway.

5. If the Do you want to use a connection that you already have page appears, click No, create a new connection, and then click Next.

6. Click Broadband (PPPoE).

7. Type the User name and Password provided to you by your Internet service provider (ISP). You can click Show characters to ensure that you type the password correctly.

8. If you want Windows to save these credentials for each time you start this connection, select the Remember this password check box.

9. Type a connection name.

The connection name will appear in the Network and Sharing Center when this

connection is active, and in the Network Connections folder.

10. If your computer is shared by two or more people that have their own user accounts on your computer, you can allow them to use the connection by selecting the Allow other people to use this connection check box.

11. When you have finished entering all of the information, click Connect.

12. Windows attempts to connect and test your connection. If you do not want to connect

To create a broadband PPPoE connection to the Internet

now, click Skip.

13. If the connection test is not completed or fails, you can diagnose the problem. If you want to skip the test, click Set up the connection anyway.

14. Click Close.

The connection appears in the Network Connections folder. Your new connection is

automatically configured as your default network connection.

Additional considerations To make the connection available to all users, you must be logged on as a member of the

Administrators group or the Network Configuration Operators group.

Create a dial-up or ISDN connection in Windows 7 and Windows Server 2008 R2

You can use this procedure to create a dial-up networking connection that uses your modem or

Integrated Services Digital Network (ISDN) adapter.


To perform this procedure, you must have a modem or an ISDN adapter installed in your

computer. In addition, you must know your user name and password. If you are

connecting to a dial-up server using a modem, you must also know the telephone number

of the dial-up server.


2. In Change your network settings, click Set up a new connection or network. The Set up a new connection or network wizard opens.

3. Follow the steps in the Set up a new connection or network wizard, entering all relevant dial-up or ISDN options, and then click Create.

ISDN connections are named Broadband connections in the Set up a new connection or network wizard. To create an ISDN connection, select Connect to the Internet and Broadband Connection WAN Miniport (PPPOE) on their respective wizard pages.

To create a dial-up connection while running the Set up a new connection or network wizard, select Connect to a workplace and Dial-up Connection on their respective wizard pages.

Important To create a dial-up or ISDN connection

Notes

To modify the properties of an existing Broadband or Dial-up connection, click the Network icon in the task bar notification area, right-click the connection you want to change, and then click Properties.

Configure Network Connections

The topics in this section provide information about configuring network connections, including

copying, deleting, and renaming connections as well as modifying the properties of individual

connections.

To complete this task, you can perform the procedures in the following sections:

Create a copy of a network connection

Enable or disable a network connection

Rename a network connection

Configure Dial-up and ISDN network connections

Configure VPN connections

Delete a network connection

View network connection status

Create a copy of a network connection

You can use this procedure to make a copy of any of the network connections that you created.

Wired LAN and wireless network connections cannot be copied.



2. Right-click the connection you want to copy, and then click Create copy.

The new connection appears in your Network Connections folder with the name Copy of

OriginalConnectionName, with all of the same configuration settings as the original

connection. You can now perform the following procedures:



To copy a network connection

Enable or disable a network connection

You can use this procedure to enable or disable a network connection. This only applies to

connections that are automatically active, such as LAN, wireless, and Bluetooth connections.




2. Right-click the network connection that you want to change.

If the connection is currently disabled, you can click Enable.

If the connection is currently enabled, you can click Disable.


You can use this procedure to rename a network connection. Windows provides a default name

for automatically discovered and connected networks. For network connections that you create,

you specify the name when you first create them. In either case, you might want to rename a

connection at some time.




2. Right-click the connection you want to rename, and then click Rename.

3. Type a new name for the connection, and then press ENTER.

Additional considerations Standard users can rename connections that they create. To rename a connection created by

another user, or a connection created automatically by Windows, you must be a member of the Administrators or Network Configuration Operators groups.

A connection name cannot contain tabs or any of the following characters:

\ / : * ? < > |

To enable or disable a network connection To rename a network connection

Configure Dial-up and ISDN network connections

Dial-up and ISDN network connections must be configured to dial a sometimes complex string of

digits using a device that transmits your data across a phone line. The devices that interconnect

your computer with the public telephone system have unique configuration requirements. This

section documents some configuration procedures for network connections that are unique to

dial-up and ISDN connections.

To complete this task, you can perform the procedures in the following sections:

Change How Windows Dials Phone Numbers

Configure Dial-up Options

Change How Windows Dials Phone Numbers

When you run a program that requires Windows to connect using a dial-up modem, it needs the

complete phone number, as well as instructions about how to dial that number. Depending on

where you are dialing from, you might or might not need to dial a long distance access number or

the area code. You might be in a location that requires that you dial 9 (or some other number) to

access an outside line before you can dial the destination number. You might also need to access

the network of an alternative phone carrier.

Windows supports all of these features by providing:

Locations. A location is associated with the place from which you are dialing. You can create locations for your home, your work, or a location from which you always want to use a calling card.

Dialing rules. Rules specify how a specific phone number is dialed from a specific location. For example, a rule might specify that from a specific location you must always dial 9 first, in order to access an outside line.

Area code rules. Area code rules specify how phone numbers are to be dialed from your current area code into other area codes or within your area code.

Calling cards. Calling cards allow you to enter the information required for Windows to connect to a specific phone carrier, including identification information, such as an account number and a personal identification number (PIN) that grants you access to that network.

One important related item is configuring the modem properties to properly interact with the

phone system at your location. Use your modem and Internet Service Provider (ISP)

documentation to ensure that the modem is configured correctly.


Create a new dialing location

Change dialing properties for a location

Specify area code rules

Specify numbers to dial an outside line

Create a new calling card

Modify an existing calling card

Use a calling card to dial long distance

Specify a long distance carrier

Create a new dialing location

You can use this procedure to define a new dialing location. A dialing location is specified by the

user before dialing a phone number, and is used by Windows to configure the phone number so

that it is dialed correctly.


1. Click Start, click in the Search text box, and then type TELEPHON.CPL and press ENTER. The Phone and Modem dialog box opens.

2. In the Phone and Modem dialog box, on the Dialing Rules tab, click New.

3. On the General tab, in Location name, type the name of the new location.

4. Specify the settings of your telephone line by providing additional information on the General tab, the Area Code Rules tab, and the Calling Card tab. Click OK.

Additional considerations You can also access the Phone and Modem Options dialog box from the Properties page

of any of your dial-up connections. On the General tab, select the Use dialing rules check box, and then click Dialing Rules.

Change dialing properties for a location

You can use this procedure to change the dialing rules associated with a location, including:

How an outside line is accessed

How a long-distance call is dialed

How an international call is dialed

How calls between the area code associated with the current dialing location and another area code are dialed

Whether to use a calling card to place the call through an alternative carrier

To create a new dialing location



2. In the Phone and Modem dialog box, on the Dialing Rules tab, click the location to modify, and then click Edit.

3. Click a tab to make changes to:

General settings. See Specify numbers to dial an outside line.

Area Code Rules. See Specify area code rules.

Calling Card. See Create a new calling card.

Additional considerations You can also access the Phone and Modem Options dialog box from the Properties page of

any of your dial-up connections. On the General tab, select the Use dialing rules check box, and then click Dialing Rules.

Specify area code rules

You can use this procedure to configure rules that determine how phone numbers are dialed from

within a specific area code. Area code rules enable you to change the dialing patterns for calls to

numbers in the same country or region. The default area code rule for numbers in another area

code often requires the program to dial a country code, the area or city code, and then the phone

number. For numbers in the same area code, the program dials only the local phone number.



2. In the Phone and Modem dialog box, on the Dialing Rules tab, click the location to modify, and then click Edit.

3. To create a new location, click New.

4. Click the Area Code Rules tab, and then perform one of the following options:

To add a new area code rule, click New.

To edit an existing rule, click the rule and then click Edit.

5. In Area code, enter the area or city code.

6. In Prefixes, select one of the following options:

To apply the rule to all prefixes in the area code, select the Include all the prefixes

To change dialing properties for a location To specify an area code rule

within this area code check box.

To apply the rule to specific prefixes, select the Include only the prefixes in the list below check box, click Add, enter one or more prefixes, and then click OK.

7. In Rules, select one or both of the following options:

To dial a number before the phone numbers that contain these prefixes, select the Dial check box, and then type the digits to dial.

To dial the area code before the phone number, select the Include the area code check box.



Specify numbers to dial an outside line

You can use this procedure to configure the digits that have to be dialed to reach an outside line.

This is commonly used to insert an '8' or '9' before the phone number when dialed on a private

phone system, such as in a hotel or a place of business.



2. In the Phone and Modem dialog box, on the Dialing Rules tab, click the location you want to modify, and then click Edit.

Alternatively, to create a new location, click New.

3. On the General tab, in Dialing rules, type the numbers required to reach an outside line for local and long distance calls.

Additional considerations You can also access the Phone and Modem Options dialog box from the Properties page of

any of your dial-up connections. On the General tab, select the Use dialing rules check box, and then click Dialing Rules.

Do not use this procedure to specify the numbers required before dialing to a different city, area, or country/region, such as 1, 0, 00, or 011. The numbers specified here are to dial local or long distance calls from within a private branch exchange (PBX), such as used by a company or other organization.

To specify numbers to dial an outside line

Create a new calling card

You can use this procedure to create a new calling card. A calling card is used to specify the

additional numbers required to access the network of another phone carrier, identify your account

on that network, and provide your personal identification number (PIN) to provide security.





3. On the Calling Card tab, click New.

4. On the General tab, type the value for the following settings:

Calling card name: The name you use to identify the card.

Account number: The account number provided by the calling card company for the calling card. For some calling cards this is the home or business phone number associated with the account.

Personal Identification Number (PIN): Any personal number required to secure your account against unauthorized use. Often a four digit number, this is usually dialed after the account number when you place a call. Some calling cards do not use a PIN.

5. On each of the Long Distance, International and Local Calls tabs, type the phone number that is required to access the corresponding service. Include all the digits you need to dial after you access an outside line:

On the Long Distance tab, Access number for long distance calls is the phone number required to access the calling card service for domestic long distance calls.

On the International tab, Access number for international calls is the phone number required to access the calling card service for international long distance calls.

On the Local Calls tab, Access number for local calls is the phone number required to access the calling card service for local calls. Leave this blank to dial local numbers without using the calling card.

6. On each of the Long Distance, International and Local Calls tabs, in Calling card dialing steps, click the following buttons to add it as a specific step needed to complete a call:

Access Number: The number to access the calling card company. This will dial the

To create a new calling card

access number entered at the top of the tab.

Account Number: The account number that identifies your account, which was entered on the General tab.

PIN: Your personal identification number, which was entered on the General tab, usually dialed immediately after the account number.

Destination Number: The country/region code, area code, and phone number.

Wait for Prompt: Pauses dialing for a dial tone, voice message, or time interval.

Specify Digits: Any sequence of the digits 0-9, *, and #.

7. To reposition any step in the order of calling card dialing steps, click the step, and then click Move Up or Move Down.

When you enter a calling card PIN number, this number is displayed in plaintext.

Therefore, to enhance security, type this number in a private location whenever possible.

If you are not in a private location, take care to ensure that this number is not exposed to

another user.



If you add Access Number, PIN, or Account Number default steps to the Calling card dialing steps and the corresponding field is blank, the program will prompt you to enter the missing value when you click OK or Apply.

Modify an existing calling card

You can use this procedure to change the rules associated with an existing calling card.




3. On the Calling Card tab, click the card type you want to modify, and then click Edit.

4. Click the General tab to change the calling card name, number, or your personal identification number (PIN).

5. Click the Long Distance, International, or Local Calls tab to change the access number or dialing steps for the corresponding type of call.

Important To modify an existing calling card

When you enter a calling card PIN number, this number is displayed in plaintext.

Therefore, to enhance security, type this number in a private location whenever possible.

If you are not in a private location, make sure that this number is not exposed to another

user.



If you add Access Number, PIN, or Account Number to the Calling card dialing steps and the corresponding field is blank, Windows prompts you to enter the missing value when you click OK or Apply.

Use a calling card to dial long distance

You can use this procedure to configure your computer to use a calling card to dial a long

distance phone number. Calling cards identify the phone carrier you want to use, along with

credentials that authorize your use of the specified phone carrier network.





3. On the Calling Card tab, click the calling card you want to use.



To perform this procedure, you must be the user who created the calling card.

If you use more than one calling card, you can create a different location for each one. Telephony programs typically allow you to change the location before dialing.

If you dial digits to access a long distance carrier (a long distance operator), you can use a calling card to specify the dialing sequence. When you create the calling card for a long distance carrier, create a unique location to go with it.

Important To use a calling card to dial long distance

Specify a long distance carrier

You can use this procedure to configure Windows to always dial your chosen long distance

carrier, rather than using the default carrier, for specified types of phone calls.



2. In the Phone and Modem dialog box, on the Dialing Rules tab, click New.

3. On the General tab, type a Location name to identify the long distance carrier, and specify the Country/region, Area code, and any Dialing rules.

4. On the Calling Card tab, click New, and then on the General tab, in Calling card name, type a name to identify the calling card, such as the name of the long distance carrier.

5. On the Long Distance tab and the International tab, in the access number box, type the number for the corresponding long distance carrier.

6. On the Long Distance tab and the International tab, in Calling card dialing steps, click Access Number, and then complete the additional steps required by your carrier for dialing long distance and international calls.

7. On the Local Calls tab, leave Access number for local calls blank, unless an access number is required, and then in Calling card dialing steps, enter the steps for dialing local calls.

To dial only the local phone number, click Destination Number, and clear the Dial the

area code check box.

8. Click OK to save the new calling card.

9. On the Calling Card tab, in Card Types, make sure that the new calling card is selected to be used with the location you want, and then click OK.

10. Under Locations, leave this location selected if you want this to be the default long distance carrier for Windows, and then click OK.



This procedure specifies long distance carrier (also called the long distance operator) numbers required for domestic or international long distance calling. This procedure is not normally required to use the default domestic and international long distance operators for a

To specify a long distance carrier

country/region. The country/region selection for a location normally enables programs to use the default numbers.

The location selected on the Dialing Rules tab of Phone and Modem Options is the default location for dialing. If you create more than one location, some Windows allow you to choose a different location before dialing.

Configure Dial-up Options

You can use the following sections to configure dial-up networking connections, related devices,

and services.

Configure client callback options

Configure Autodial

Enable multiple device dialing

Configure phone number modifiers

Configure redial options

Configure Idle Time Before Disconnect

Assign multiple phone numbers to a connection

Enable operator-assisted calls or manual dialing

Start the Remote Access Auto Connection Manager Service

Configure client callback options

You can use this procedure to configure a remote access server to disconnect and then call you

back to reestablish the connection from the server to you. This transfers the bulk of any phone

charges to the remote access server, by having the remote access server dial back to your

location after you initially connect. It also improves security when the remote access server is

configured to call back only approved call back numbers.




3. On the Advanced menu, click Remote Access Preferences. The Remote Access Preferences dialog box opens.

4. In the Remote Access Preferences dialog box, on the Callback tab, do one of the following:

If you do not want to use callback, click No callback.

To configure callback options on a network connection

If you want to decide whether to use callback at the time you connect, click Ask me during dialing when the server offers.

If you want to use callback every time, click Always call me back at the number(s) below, and then select the modem or device you want to be called back.

If Phone number is blank for the device you have selected, click Edit, and then type

the number.

If you want to remove a modem or device from the list of possible callback devices,

click the modem or device, and then click Delete.

Additional considerations Dial-up server settings take precedence over the settings that you configure on client

computers. For example, if you configure the client computer to request that the server call you back, but the server is not configured for callback, the client settings have no effect. Ensure that your server and client settings are coordinated to produce the desired results.

To use callback, Link Control Protocol (LCP) extensions must be enabled. For more information, see Start or stop requesting LCP Extensions in PPP.

Configure Autodial

You can use this procedure to configure the locations from which your computer automatically

dials a default network connection when a network resource is requested, and no connection to a

network is currently active.

The network connection that is started is the one identified as your 'default' network connection.

In the Network Connections folder, the default connection is identified by a checkmark in a green

circle. To set a default connection, see Specify a default network connection.

Autodial is enabled by default in Windows Vista.


1. Open the Network Connections folder and view available connections


3. On the Advanced menu, click Remote Access Preferences. The Remote Access Preferences dialog box opens.

4. In the Remote Access Preferences dialog box, on the Autodial tab, select the check box next to the network location for which you want to enable autodial, and then click OK.

Note To configure autodial

Enable multiple device dialing

You can use this procedure to configure your computer to use multiple modems or ISDN links to

connect to a remote network. Doing so combines multiple physical links, which increases the

aggregate bandwidth of your connection. Windows can also dynamically dial and drop multilinked

lines as bandwidth demands rise and fall, keeping your performance at the level you want, while

minimizing your phone costs.



2. Right-click the connection on which you want to enable the dialing of multiple devices, and then click Properties.

3. On the General tab, under Connect using, select the check box next to each modem you want to include in the connection.

4. Clear the Dial only first available device check box.


If you want to dial only the first available device, click Dial only first available device.

If you want to use all of your devices, click Dial all devices.

If you want to dynamically dial and hang up devices as needed, click Dial devices only as needed, and then click Configure.

In Automatic dialing, click the Activity at least percentage and Duration at least

time you want to set. Another line is dialed when connection activity reaches this level

for the amount of time that you specify.

In Automatic hangup, click the Activity no more than percentage and Duration at

least time you want to set. A device is disconnected when connection activity

decreases to this level for at least the amount of time that you specify.

Additional considerations If you selected Dial devices only as needed, the last multilinked device ignores the

Automatic hangup setting, and a 20-minute time-out is used for the last device.

If you use multiple devices to dial a server that requires callback, then only one of your multilinked devices is called back. This is because only one number is stored in a user account. Therefore, only one device connects and all other devices fail to complete the connection, and your connection loses multilink functionality.

You can avoid this problem if the multilinked phone book entry is an ISDN with two channels

that have the same phone number.

Multiple device dialing is available only if multiple adapters are available on the computer.

To enable multiple device dialing

If you select Dial all devices, dropped links in the multilinked bundle are not automatically reinitialized. You can force links to reinitialize by selecting Dial devices only as needed, then Configure, and then setting easily achieved Automatic dialing conditions which cause another line to be dialed. For example, set Activity at least to 1 percent and Duration at least to 3 seconds.

Configure phone number modifiers

You can use this procedure to insert special characters into dialing commands to force dialing

behaviors you need to successfully complete your calls.



2. Right-click the dial-up connection you want to configure, and then click Properties.

3. On the General tab, modify the phone number by using one or more characters from the following list.

Character Function

, (comma) Pauses briefly (two seconds for most

modems) before continuing.

P Switches from touch-tone to pulse/rotary

dialing.

T Switches from pulse/rotary to touch-tone

dialing.

$ Waits for a calling card prompt tone.

For example, when you dial in from a hotel room, you might have to add 9 to the number you

are calling to get an outside line. Your number might look similar to the following number:

9,555-0100

The comma after the 9 gives a pause long enough to get an outside line before continuing to

dial the full number.

Additional considerations By selecting the Use dialing rules check box, and then clicking Dialing Rules, you can

create a Location for which specific dialing rules automatically apply. For example, if you frequently connect from home and need to disable call waiting, you can create a location for

To configure phone number modifiers

use from home that automatically dials the code to disable call waiting before the connection call is placed.

If you see unfamiliar characters being dialed before your number, check to make sure the Use dialing rules check box is not selected, or ensure that the location selected is relevant to the location from which you are dialing. If an incorrect location is selected, a location may be enforcing a dialing rule that you do not need. For example, a location might be selected that always dials 1 to accommodate long distance dialing.

Configure redial options

You can use this procedure to configure how Windows attempts to redial phone calls that are not

successfully completed. You can configure how many times and how frequently Windows

attempts until it succeeds, and whether Windows automatically tries to reconnect if the

connection is dropped.



2. Right-click the dial-up connection you want to configure, and then click Properties.

3. On the Options tab, in Redialing options and Redial attempts, click the arrows to set the number of times the dial-up connection is automatically redialed if the first attempt to connect fails.

4. In Time between redial attempts, expand the list to set the amount of time to pause between the end of one attempt and the beginning of another.

5. If you want the connection to automatically redial if the line is dropped, select the Redial if line is dropped check box.

In Windows 7 and Windows Server 2008 R2, you can also configure Point to Point

Protocol options by clicking PPP Settings and specifying the settings you want.

Additional considerations The Time between redial attempts pause lets the device reset itself before redialing. The

default is one minute. If that is not enough time, increase this setting. You can also experiment with shorter times, but if you make the pause too short, the device does not have time to reset itself.

If you are using Internet Explorer, the default browser settings for dial-up connections might conflict with these redial options.

To configure redial optionsNote

Configure Idle Time Before Disconnect

You can use this procedure to configure how long Windows will allow a dial-up connection to

remain idle before it disconnects the call.



2. Right-click the dial-up connection that you want to configure, and then click Properties.

3. On the Options tab, in Redialing options, set Idle time before hanging up to the amount of idle time you want to allow before the client hangs up a connection.

Additional considerations The remote access server might also have a disconnect timer. If Idle time before hanging

up is set to a high time-out number, there is no guarantee that the connection will not disconnect before the time passes. This is because the server might disconnect before the interval that you specify with this setting.

Assign multiple phone numbers to a connection

You can use this procedure to assign multiple phone numbers to a dial-up network connection.

Sometimes the network to which you are calling has multiple access points in your city, and it

could also have access points in other nearby cities. You can assign all or several of the available

phone numbers to the connection, and establish the order in which you want Windows to try

them. If the first one does not connect successfully for any reason, Windows then tries the next

connection in order, and continues down the list until a successful connection is made.



2. Right-click the dial-up connection to which you want to assign multiple phone numbers, and then click Properties.

3. On the General tab, in Phone number, click Alternates. The Alternate Phone Numbers dialog box opens.

4. In the Alternate Phone Numbers dialog box, if you want the connection to attempt a different phone number when the first number in the list is not successful, click the If number fails, try the next number check box.

To configure the idle time before disconnect To assign multiple phone numbers to a connection

5. In the Alternate Phone Numbers dialog box, if you want the connection to move the first successful phone number to the top of the list under Phone numbers and use it on the next connection attempt, click Move successful numbers to top of list. This option has the effect of sorting the numbers to help reduce the time it takes to connect.

6. In the Alternate Phone Numbers dialog box, to add a new phone number to the list, click Add. The Add Alternate Phone Number dialog box opens.

7. In the Add Alternate Phone Number dialog box, in Phone number, type the phone number. If you want the connection to use established area code and dialing rules, select the Use dialing rules check box. Click OK.

8. In the Alternate Phone Numbers dialog box, if you want to change the order of phone numbers, under Phone numbers, select a phone number, and then click the Up or Down arrow button until the phone numbers are arranged in the order you want.

9. In the Add Alternate Phone Number dialog box, in Phone numbers, if you want to change a phone number, click the number and then click Edit.

10. In the Add Alternate Phone Number dialog box, if you want to remove a phone number, under Phone numbers, click the phone number, and then click Delete.

Enable operator-assisted calls or manual dialing

You can use this procedure to configure your computer to allow you to manually dial a number, or

to give you an opportunity to call an operator and have the call dialed for you.



2. Press ALT to display the menu bar, and then on the Advanced menu, click Operator-Assisted Dialing.

3. Double-click the connection you want to dial.

4. Pick up the telephone handset, and then dial the number or ask the operator to dial it for you.

The number assigned to the entry is displayed in the dialog box for easy reference.

5. Immediately after you have finished dialing, click Dial.

6. Hang up the handset only after the modem takes control of the line, which is typically signaled by a click followed by silence.

7. It is always safe to replace the handset after Network Connections begins verifying your user name and password. The status message will remind you of this.

To enable operator-assisted calls or manual dialing

Additional considerations If operator-assisted dialing is enabled, a check mark appears next to Operator-Assisted

Dialing on the Advanced menu.

Start the Remote Access Auto Connection Manager Service

You can use this procedure to start the Remote Access Auto Connection Manager service. This

service connects your default network connection whenever a program requests a remote DNS

address or NetBIOS name, and a connection is not currently active to support the request.



1. To open Computer Management, click Start, right-click Computer, and then click Manage.

2. In the console tree, expand Computer Management (Local), expand Services and Applications, and then click Services.

3. In the details pane, right-click Remote Access Auto Connection Manager, and then click Start.

In the Status column, Started appears.

Configure VPN connections

You can use the following procedures to configure the security settings of a VPN connection.

Changing the security settings for your network connections can increase the protection provided

to your computer and the data going through the network connection to your computer. Use the

strongest security settings that both your local computer and the remote server computer to which

you are connecting can support. Check with the administrator of the remote server computer to

determine the settings that are supported by that computer.

Configure VPN connections in Windows Vista and Windows Server 2008

Configure VPN connections in Windows 7 and Windows Server 2008 R2

To start the Remote Access Auto Connection Manager service

Configure VPN connections in Windows Vista and Windows Server 2008

You can use this procedure to configure the security settings of a VPN connection.



2. Right-click the VPN connection that you want to configure, and then click Properties.

3. On the Security tab, perform one of the following options:

To select preconfigured combinations of identity authentication methods and data encryption requirements, click Typical (recommended settings), and then in Validate my identity as follows, click a method to use for validation.

The following table shows which selections are available.

Identity validation setting Description

Require secured

password

Require data encryption (disconnect if none) is enabled by default

Automatically use my Windows logon name and password (and domain if any) is also available

Use smart card Require data encryption (disconnect if none) is enabled by default

Automatically use my Windows logon name and password (and domain if any) is not available

If Require data encryption (disconnect if none) is not enabled, encryption is

optional.

To individually enable, configure, and disable authentication methods and encryption requirements, click Advanced (custom settings), and then click Settings.

To prevent encryption, in Data encryption, click No encryption allowed (server will

disconnect if it requires encryption).

To configure VPN connection authentication and data encryption settings

Configure VPN connections in Windows 7 and Windows Server 2008 R2

You can use this procedure to configure the security settings of a VPN connection.



2. Right-click the VPN connection that you want to configure, and then click Properties. The VPN Properties dialog box opens.

3. In the VPN Properties dialog box, click the Security tab.

4. On the Security tab, in Data encryption, expand the list and select the data encryption strength that is supported by the remote VPN server computer.

Note

If the VPN server to which you’re connecting supports strong encryption, it is

recommended that you select either Require encryption or Maximum strength

encryption.

5. On the Security tab, in Authentication, in Use Extensible Authentication Protocol (EAP), expand the list and select the authentication method that is supported by the remote VPN server, if your organization uses EAP. For more information, see Secure Network Connections.

6. On the Security tab, in Authentication, in Allow these protocols, select additional authentication protocols if they are supported by the VPN server.

Important

For security reasons, it is not recommended that you use Unencrypted

password (PAP) or Challenge Handshake Authentication Protocol (CHAP).

Delete a network connection

You can use the following procedures to delete network connections that you no longer need.

Wired LAN connections cannot be deleted by using this procedure. To delete a wired LAN

connection, either disable or uninstall the network adapter.

Delete a network connection in Windows Vista and Windows Server 2008

Delete a network connection in Windows 7 and Windows Server 2008 R2

To configure VPN connection authentication and data encryption settings

Delete a network connection in Windows Vista and Windows Server 2008

You can use this procedure to delete network connections that you no longer need.



You can use the following methods to delete a network connection:

To delete a wireless network connection

To delete a connection to a remote network


2. In the Tasks pane, click Manage wireless networks.

3. Right-click the connection you want to delete, and then click Remove network.

4. In the Manage Wireless Networks - Warning dialog box, click OK.

The connection is removed from the list of wireless connections that you can view or

modify.


2. In the Tasks pane, click Manage network connections.

3. Right-click the connection you want to delete, and then click Delete.

4. In the Confirm Connection Delete dialog box, click OK.

The connection is removed from the list of available connections that you can view or

modify.

Additional considerations A standard user can delete only a network connection that he or she created. To delete a

connection that is shared by multiple users, you must be a member of the Administrators or Network Configuration Operators group.

To delete a wireless network connection To delete a connection to a remote network

Delete a network connection in Windows 7 and Windows Server 2008 R2

You can use this procedure to delete network connections that you no longer need.



You can use the following methods to delete a network connection:

To delete a wireless network connection

To delete a connection to a remote network


2. In the Tasks pane, click Manage wireless networks.

3. Right-click the connection you want to delete, and then click Remove network.

4. In the Manage Wireless Networks - Warning dialog box, click OK.

The connection is removed from the list of wireless connections that you can view or

modify.


2. Right-click the connection you want to delete, and then click Delete.

3. In the Confirm Connection Delete dialog box, click OK.

The connection is removed from the list of available connections that you can view or

modify.

Additional considerations A standard user can delete only a network connection that he or she created. To delete a

connection that is shared by multiple users, you must be a member of the Administrators or Network Configuration Operators group.

View network connection status

You can use the following procedures to view the current status of your network connection. Basic

connection status information includes:

Basic connectivity information about both IPv4 and IPv6

Whether the cable is currently plugged in or not

How long the connection has been active

To delete a wireless network connection To delete a connection to a remote network

The current connection speed

The number of packets sent and received. The icon in the Activity section displays properties about the connection. For more information, see Review Network and Sharing Center icons.

Additional information about the connection is available on the Network Connection Details tab.

This information includes:

Domain Name Service (DNS) name assigned to this connection

Description of the network adapter

The media access control (MAC) address of the network adapter

Whether the computer is using Dynamic Host Configuration Protocol (DHCP) or manually configured IP addresses

IPv4 and IPv6 configuration details, including address lease information, IP addresses and subnet masks, default gateways, the DHCP server, DNS servers, and Windows Internet Name Service (WINS) servers

To view network connection status, see the following sections.

View network connection status in Windows Vista and Windows Server 2008

View network connection status in Windows 7 and Windows Server 2008 R2

View network connection status in Windows Vista and Windows Server 2008

You can use this procedure to view the current status of your network connection. Information

available includes the type of connectivity (local or Internet) provided by both IPv4 and IPv6.



You can use the following methods to view the status of a network connection:

To view network connection status by using Network and Sharing Center

To view network connection status by using the Network Connections folder

To view additional details of the connection by using the Windows interface

To view details of the connection by using the command prompt


2. In the list of networks, find the network you want, and click View Status.

Windows displays the Connection Status page.


To view network connection status by using Network and Sharing CenterTo view network connection status by using the Network Connections folder

2. Right-click the connection you want to view, and then click Status.

Windows displays the Connection Status page.

On the Connection Status page described in either of the previous two procedures, click the Details button.

Windows displays the Network Connection Details page.


ipconfig /all

Value Description

/all Specifies that the command should return

detailed information about the connection

Additional considerations Standard users can view the status of the network connection. To make any changes you

might need to be a member of the Administrators group or the Network Configuration Operators group, depending on the change.

View network connection status in Windows 7 and Windows Server 2008 R2

You can use this procedure to view the current status of your network connection. Information

available includes the type of connectivity (local or Internet) provided by both IPv4 and IPv6.



You can use the following methods to view the status of a network connection:

To view network connection status by using Network and Sharing Center

To view network connection status by using the Network Connections folder

To view details of the connection by using the command prompt


2. In Network and Sharing Center, in View your active networks, review the list of networks to locate a network. To the right of the network name, in Connections, click the

To view additional details of the connection by using the Windows interfaceTo view details of the connection by using the command promptTo view network connection status by using Network and Sharing Center

name of the network connection. For example, if the connection is named Local Area Connection, click Local Area Connection.

3. The Network Connection Status dialog box opens, and you can review the network status. For additional information, click Details.


2. Right-click the connection that you want to view, and then click Status.

3. The Network Connection Status dialog box opens, and you can review the network status. For additional information, click Details.


ipconfig /all

Value Description

/all Specifies that the command should return

detailed information about the connection

Additional considerations Standard users can view the status of the network connection. To make any changes you

might need to be a member of the Administrators group or the Network Configuration Operators group, depending on the change.

Configure Incoming Connections

In addition to allowing you to dial out from your computer to connect to another computer or

network, Windows also allows you to dial-in to your computer from another location over a

modem connection.

Windows supports two types of incoming connections. You can configure your computer to

support incoming connection through a modem or through a virtual private network (VPN) over

the Internet.

To complete this task, perform the following procedures:

Accept Incoming Network Connections

Grant computer access privileges for an Incoming Connection

Configure an Incoming Connection to use TCP/IP

Configure an Incoming Connection to use Callback

To view network connection status by using the Network Connections folderTo view details of the connection by using the command prompt

Accept Incoming Network Connections

You can use this procedure to enable incoming dial-up or VPN connections to your computer.




2. Press ALT to display the menu bar, and then on the File menu, click New Incoming Connection. The Allow connections to this computer wizard opens.

3. In Who may connect to this computer, in User accounts on this computer, review the list of existing user accounts. If the user account you want to use does not exist and you want to create it, click Add someone. In the New User dialog box, type values for User name, Full name, Password, and Confirm password, and then click OK.

4. In Who may connect to this computer, in User accounts on this computer, if you want to view or modify the properties of an existing user account, click the user account and then click Account Properties. In the account Properties dialog box, review or modify the account, and then click OK.

5. In Allow connections to this computer, in User accounts on this computer, select the users to whom you want to grant access to your computer. Click Next.

6. On the How will people connect? page, select one or both of the following options:

Through the Internet. This allows remote computers that are also attached to the Internet to establish a connection to your computer by using a VPN.

Through a dial-up modem. Also, select the modem or modems you want to use.

Important

The option Through a dial-up modem is not available unless there is a

modem installed in your computer.

Click Next.

7. In Networking software, select the items that you want to support when allowing this connection. If a protocol has configurable options, you can click Properties to configure the protocol to meet your requirements. For more information, see Configure an Incoming Connection to use TCP/IP.

8. When you are done configuring the protocols, click Allow access, and when the wizard completes configuration of the specified options, click Close.

Additional considerations You can only have one incoming network configuration at a time. If you use the New

Incoming Connection menu to try to create a new one, Windows instead reconfigures your existing incoming connection.

To accept incoming network connections

For large numbers of incoming connections on a server that operates as part of a distributed network or as a domain controller, use Routing and Remote Access to create a remote access server.

If your incoming connection and fax service have problems working together (for example, you cannot receive incoming connection calls on a device enabled to receive faxes), the modem might not support adaptive answer. Check your modem documentation to verify that you need to disable Fax Receive for that device to accept incoming connections.

Grant computer access privileges for an Incoming Connection

You can use this procedure to determine which user accounts defined on your computer can

access it from a remote computer by using the dial-in network connection.




2. Right-click Incoming Connections, and then click Properties.

Note

If you have created an incoming connection but Incoming Connections is not

visible in the Network Connections folder, you must configure folder options to

show hidden files and folders. To do so, press ALT, and then click Tools and

Folder Options. In the Folder Options dialog box, click the View tab. In

Advanced settings, in Hidden files and folders, click Show hidden files and

folders, and then click OK.

3. On the General tab, do one or more of the following:

In Devices, click the check boxes next to the devices by which incoming connections can connect.

If you have more than one device selected, and you want to enable multilink dialing, select the Enable multilink check box.

If you want to enable others to make private connections to your computer by tunneling through the Internet or other network, select the Allow others to make private connections to my computer by tunneling through the Internet or other network check box.

4. On the Users tab, do one or more of the following:

If you want to allow a user to connect, select the check box next to the specific user name.

To grant incoming connections access rights to your computer

If you want to revoke the right of a user to connect, clear the check box next to the name of a user.

To create a new user and grant them access to connect, click New.

To remove a user, click Delete.

To modify the name of a user, their password, or callback options, click Properties.

If you want directly connected devices to connect without providing a password, select the Always allow directly connected devices such as handheld computers to connect without providing a password check box.

5. On the Networking tab, do one or more of the following:

If you want to enable a network component, in Network components, select the check box next to the component name.

If you want to disable a network component, in Network components, clear the check box next to the component name.

To add a network component, click Install.

To remove a network component, click Uninstall.

To configure a network component, click Properties.

Configure an Incoming Connection to use TCP/IP

You can use this procedure to configure how Windows assigns TCP/IP addresses to remote

computers that attach to your computer by using an incoming dial-up or VPN connection. You can

configure your computer to:

Assign an IP address to the remote computer by using the DHCP server on your network (IPv4 only).

Assign an IP address from a static pool of addresses (IPv4) or a range of prefixes (IPv6).

Allow the client computer to assign its own address (IPv4 only).

In addition, you can specify that the remote computer only has access to resources that are

located on the host computer, or you can specify that the remote computer has access to both the

host computer’s resources and all additional network resources that the host computer has

permission to access.



You can use the following methods to configure an incoming connection:

To configure an incoming connection to use IPv4




If you have created an incoming connection but Incoming Connections is not visible in

the Network Connections folder, you must configure folder options to show hidden files

and folders. To do so, press ALT, and then click Tools and Folder Options. In the Folder

Options dialog box, click the View tab. In Advanced settings, in Hidden files and

folders, click Show hidden files and folders, and then click OK.

3. On the Networking tab, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

4. If you want incoming users to be able to access the local area network on which the dial-up host computer resides, select the Allow callers to access my local area network check box.


If you want to automatically assign a TCP/IP address to the incoming computer, select the Assign TCP/IP addresses automatically using DHCP check box.

If you want to specify a TCP/IP address for the incoming computer, click Specify TCP/IP addresses, and do the following:

In From, type the starting IP address.

In To, type the ending IP address.

Based on the addresses you type in From and To, the number of addresses that are

allocated is displayed in Total. The starting and ending IP addresses that you choose

depend on the originating address space and the number of addresses needed.

6. If you want incoming connections to be able to use a self-defined TCP/IP address, select the Allow calling computer to specify its own IP address check box.

7. Click OK to save your changes.

Additional considerations Most TCP/IP networks use subnets in order to effectively manage IP addresses. The closest

matching subnet is calculated for the range that you specified in From and To. The range of addresses in the closest matching subnet might exceed the range that you specified. Unless the addresses specified in From and To are subnet boundaries, the range based on the calculated subnet will be larger than the range that you specified. To avoid this, specify a range that falls on subnet boundaries. For example, if you are using the 10.0.0.0 private network ID for your intranet, a range that falls on subnet boundaries is 10.0.1.168 to 10.0.1.175. Or, if you are using the 192.168.0.0 private network ID for your intranet, a range that falls on subnet boundaries is 192.168.1.0 to 192.168.1.255.

If you select Allow callers to access my local area network or Allow calling computer to specify its own IP address, these changes take effect immediately.


If you select Assign TCP/IP addresses automatically using DHCP, but there is no DHCP server available, random addresses from the range 169.254.0.1 to 169.254.255.254 are assigned.



If you have created an incoming connection but Incoming Connections is not visible in

the Network Connections folder, you must configure folder options to show hidden files

and folders. To do so, press ALT, and then click Tools and Folder Options. In the Folder

Options dialog box, click the View tab. In Advanced settings, in Hidden files and

folders, click Show hidden files and folders, and then click OK.


4. If you want incoming users to be able to access the local area network on which the dial-up host computer resides, select the Allow callers to access my local area network check box, and then select the network adapter to be used to access the local area network in the Private Adapter list.

5. Type the IPv6 network address prefix for your network in the From box.


Configure an Incoming Connection to use Callback

You can use this procedure to configure your dial-up host computer to automatically call back the

calling computer when it attempts to connect.

This allows the host computer to be responsible for any phone charges incurred, and also can

provide a level of security when you limit the phone numbers to which Windows will call back a

client computer.





Note

If you have created an incoming connection but Incoming Connections is not

visible in the Network Connections folder, you must configure folder options to

To configure an incoming connection to use IPv6 To configure an incoming connection to use callback

show hidden files and folders. To do so, press ALT, and then click Tools and

Folder Options. In the Folder Options dialog box, click the View tab. In

Advanced settings, in Hidden files and folders, click Show hidden files and

folders, and then click OK.

3. On the Users tab, click the user for which you want to configure callback, and then click Properties.

4. On the Callback tab, do one of the following:

If you do not want to use callback for incoming connections, click Do not allow callback.

If you want to give incoming connections the option of setting a specific callback number, click Allow the caller to set the callback number.

If you want to consistently use the same callback number, click Always use the following callback number, and then type the number.

Additional considerations Using a preset callback number provides some additional security because a user can only

successfully complete the connection if the call is made from the specified phone number. That security comes at the cost of flexibility however, and is not a useful option for users who travel to different locations.


The procedures in this task enable you to choose and configure which network components are

installed, which are used by each connection, and the order in which they are accessed.


Configure TCP/IP settings

Install additional network protocols or components

Remove a network protocol or component

Enable or disable a network protocol or component

Modify the protocol bindings and network provider order

Configure the Client for Microsoft Networks

Configure Point-to-Point Protocol (PPP)

Configure TCP/IP settings

You can use this procedure to configure the TCP/IP settings for each of your network

connections.

Each connection can be configured to use IPv4 or IPv6, or both.



You can use the following methods to configure TCP/IP settings:

To configure TCP/IPv4



2. Right-click the connection that you want to configure, and then click Properties.


If the connection is a local area connection, on the General tab, in This connection uses the following items, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

If the connection is a dial-up, VPN, or broadband connection, on the Networking tab, in This connection uses the following items, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

If the connection is an incoming connection, see Configure an Incoming Connection to use TCP/IP.


If you want IP settings to be assigned automatically by a DHCP server, VPN server, or other device that provides DHCP services that is installed on the network to which you’re connecting, click Obtain an IP address automatically, and then click OK.

If you want to specify an IPv4 address or a Domain Name Service (DNS) server address, do the following:

Click Use the following IP address, and then in IP address, type the IP address,

and an appropriate subnet mask and default gateway address.

Click Use the following DNS server addresses, and then in Preferred DNS server

and Alternate DNS server, type the addresses of the primary and secondary DNS

servers.

5. To configure DNS, Windows Internet Name Service (WINS), and IP settings, click Advanced.

6. On a local area connection, selecting the Obtain an IP address automatically option enables the Alternate Configuration tab. Use this to enter alternate IP settings if your computer is used on more than one network. To configure DNS, WINS, and IP settings, click User configured on the Alternate Configuration tab.


Additional considerations Use automated IP settings (DHCP) whenever possible for all connections because they

eliminate the need to configure settings such as IP address, DNS server address, and WINS server address.

The Alternate Configuration settings specify a second set of IP settings that are used when a DHCP server is not available. This is very useful for portable computer users who often switch between two different network environments such as DHCP and static IP network environments.


2. Right-click the connection you want to configure, and then click Properties.


On a LAN, wireless, VPN, or dial-up connection, on the Networking tab, in This connection uses the following items, click Internet Protocol Version 6 (TCP/IPv6), and then click Properties.

If the connection is an incoming connection, see Configure an Incoming Connection to use TCP/IP.


If you want IP settings to be assigned automatically, click Obtain an IPv6 address automatically, and then click OK.

If you want to specify an IPv6 address or a DNS server address, do the following:

Click Use the following IPv6 address, and then in IPv6 address, type the IP

address, and an appropriate prefix length and default gateway address.

Click Use the following DNS server addresses, and then in Preferred DNS server

and Alternate DNS server, type the addresses of the primary and secondary DNS

servers.

5. To configure advanced IPv6 and DNS settings, click Advanced.

Additional considerations Use automated IP settings (DHCP) whenever possible for all connections because they

eliminate the need to configure settings such as IP address, DNS server address, and WINS server address.

For more information about IPv6, see Additional Resources.


Install additional network protocols or components

You can use this procedure to install additional networking components to Windows. Those

components can be new clients, services, or protocols that are associated with one or more of

your network connections.

By default, all of the clients, services, and protocols included with Windows that can be

associated with a connection are already installed. Use this procedure if you have a third-party

component that you want to add. If you removed a component from a connection, then you can

use this procedure to reinstall it to the connection.

Network protocols and components that were designed for earlier versions of Windows

might not run successfully in Windows 7, Windows Vista, Windows Server 2008, or

Windows Server 2008 R2. Check with the software component vendor to verify

compatibility with these operating systems before attempting to install the software.




2. Right-click the connection that you want to configure, and then click Properties. The network connection Properties dialog box opens.

3. In the network connection Properties dialog box, if it is not already selected, click the Networking tab.

4. Click Install. The Select Network Feature Type dialog box opens.

5. In the Select Network Feature Type dialog box, select Client, Service, or Protocol, and then click Add.


If the component is in the list, select it, and then click OK.

Otherwise, click Have Disk.

7. Follow the instructions displayed to complete the installation.

Additional considerations After you add a new protocol or component, it is automatically available for every network

connection on the computer, including new connections that you create. Ensure that you configure each connection to use only those protocols and components that are required to create a network connection that functions correctly. For more information, see Enable or disable a network protocol or component.

Important To install an additional protocol or component

Enable or disable a network protocol or component

You can use this procedure to enable or disable a network protocol or component on a specific

network connection.

Network performance is enhanced and network traffic is reduced when only the required

protocols and clients are enabled. If your computer encounters a problem with a network or dial-

up connection, it attempts to establish connectivity by using every network protocol that is

installed and enabled. Ensure that you configure each connection to use only those protocols and

components that are required to create a network connection that functions correctly.




2. Right-click the connection that you want to modify, and then click Properties.


For local area connections, on the General tab, in This connection uses the following items, click the checkbox next to the component that you want to enable or disable. When the checkbox is selected, the component is enabled.

For dial-up or VPN connections, on the Networking tab, in This connection uses the following items, click the checkbox next to the component that you want to enable or disable. When the checkbox is selected, the component is enabled.

For an incoming connection, on the Networking tab, in Network components, click the checkbox next to the component that you want to enable or disable. When the checkbox is selected, the component is enabled.

Additional considerations If you no longer need a protocol or component on any of your connections, you can uninstall

the protocol or component. For more information, see Remove a network protocol or component.

Remove a network protocol or component

You can use this procedure to remove a network component.



To enable or disable a network protocol or component


2. Right-click the connection from which you want to remove a network component, and then click Properties.


If this is a local area connection, on the General tab, in This connection uses the following items, click the client, service, or protocol that you want to remove, and then click Uninstall.

Note

In Windows 7 and Windows Server 2008 R2, select the item that you want to

remove on the Networking tab.

If this is a dial-up or VPN connection, or broadband connection, on the Networking tab, in This connection uses the following items, click the client, service, or protocol you want to remove, and then click Uninstall.

If this is an incoming connection, on the Networking tab, in Network components, click the client, service, or protocol you want to remove, and then click Uninstall.

4. In the Uninstall component name dialog box, click Yes.

Additional considerations Removing a network protocol or component uninstalls it from your computer, and no network

connections have access to that functionality. If you want to remove a protocol or component from only one of your network connections, see Enable or disable a network protocol or component.

Modify the protocol bindings and network provider order

You can use this procedure to change the order in which network protocols are attempted when

trying to establish communications with a remote computer. This can provide improved

performance when you have multiple protocols installed and your network primarily uses one. If

you set a protocol at the top of the list, it will be tried first. If another protocol is tried first for every

packet, many will fail, and the other protocols will not be tried until that failure occurs.




2. Press ALT to display the menu bar, and then on the Advanced menu, click Advanced

To remove a network protocol or component To modify the protocol bindings and network provider order

Settings. The Advanced Settings dialog box opens.

3. In the Advanced Settings dialog box, on the Adapters and Bindings tab, in the Connections list, click the connection that you want to modify. If you wish to change the order in which your connections are tried, click the up or down arrow buttons to rearrange the order.

4. In the Bindings for ConnectionName list, click the protocol that you want to move up or down in the list, and then click the up or down arrow buttons to rearrange the order of the protocols.

5. In the Advanced Settings dialog box, click the Provider Order tab.

6. On the Provider Order tab, in the Network Providers list, select the provider that you want to move up or down in the list, and then click the up or down arrow buttons to rearrange the order.

Additional considerations Network performance can be seriously degraded if you rearrange the bindings or provider

order in an inappropriate way for your network. Set the connections and the protocols that you use to reach your resources listed first, with less frequently used connections and protocols listed second. For example, if you are on a LAN using primarily IPv4, then it is recommended that the LAN adapter be the first connection listed, and that IPv4 be the first protocol listed for that connection.

Configure the Client for Microsoft Networks

You can use this procedure to select the name service provider and network address for the

Remote Procedure Call (RPC) service.




2. Right-click a connection, then click Properties.

3. On the Networking tab, in This component uses the following items, click Client for Microsoft Networks, and then click Properties.

4. In Name service provider, select an RPC name service provider.

5. If you selected DCE Cell Directory Service, in Network address, type the network address of your provider.

To configure the Client for Microsoft Networks

Configure Point-to-Point Protocol (PPP)

The Point-to-Point Protocol (PPP) is used in many remote access scenarios in Windows. The

procedures in this section allow you to configure it to meet your requirements.


Start or stop requesting LCP Extensions in PPP

Enable or disable IP header compression in PPP

Enable or disable software compression in PPP

Enable or disable multilink for single link connections

Start or stop requesting LCP Extensions in PPP

You can use this procedure to enable or disable the use of the Link Control Protocol (LCP)

extensions that can be used as part of a Point-to-Point Protocol (PPP) session.

LCP allows the two communicating computers to negotiate some additional performance

parameters and detect some common configuration errors.


1. If you want to modify the connection you are currently using, disconnect from the server.



4. On the Options tab, click PPP Settings.

5. Select or clear the Enable LCP extensions check box.

Additional considerations LCP extensions to PPP are defined in RFC 1548, and updated in RFC 1570. For more

information, see http://go.microsoft.com/fwlink/?LinkID=121.

Enable or disable IP header compression in PPP

You can use this procedure to enable or disable the IP header compression in Point-to-Point

Protocol (PPP) packets sent over dial-up or other slow links.

To start or stop requesting LCP extension in PPP

http://go.microsoft.com/fwlink/?LinkID=121

IP header compression involves negotiation between two computers as to what is compressed

and how. It can reduce the size of packets, improving the throughput on a slower communications

link.






5. On the General tab, click Advanced.

6. Under PPP Link, select or clear the Use IP header compression check box.

Additional considerations IP header compression is not a configurable option for IPv6.

For more information on IP header compression, see RFC 2507 and RFC 3544. (http://go.microsoft.com/fwlink/?LinkID=121).

Enable or disable software compression in PPP

You can use this procedure to enable or disable the use of software compression on your Point-

to-Point Protocol (PPP) links.

Software compression reduces the size of PPP packets to improve throughput.




3. Right-click the connection you want to modify, and then click Properties.


5. Select or clear the Enable software compression check box.

To enable or disable IP header compression in PPP To enable or disable software compression in PPP


Enable or disable multilink for single link connections

You can use this procedure to enable or disable the Negotiate multi-link for single-link

connections option for your remote access connections.

This option enables separation of high and low-priority channels over a single link connection. If

your remote access server supports this feature, you might notice improved audio quality.

However, because this feature is incompatible with many remote access servers, you should

leave it disabled unless instructed otherwise by the administrator of the remote access server.






5. Select or clear the Negotiate multi-link for single-link connections check box.

Disconnect a wireless, dial-up, or VPN connection

You can use the following sections to learn how to disconnect a wireless, dial-up, or virtual private

network (VPN) connection using Network and Sharing Center.

Disconnect from a network in Windows Vista and Windows Server 2008

Disconnect from a network in Windows 7 and Windows Server 2008 R2

Disconnect from a network in Windows Vista and Windows Server 2008

You can use this procedure to disconnect from a wireless, dial-up, or virtual private network

(VPN) to which your computer is currently connected.

A wired LAN connection cannot be disconnected using this procedure. To disconnect a

wired connection, either unplug the network cable, or disable the network adapter. For

more information about disabling a network adapter, see Enable or disable a network

connection.

To enable or disable multilink for single-link connectionsNote


The following sections provide information on disconnecting from a network.

To disconnect a network by using the network icon in the notification area

To disconnect a network by using the Network and Sharing Center

To disconnect a wireless network by using a command prompt

To disconnect a dial-up or VPN connection by using a command prompt


2. Click Disconnect from, and then click the network from which you want to disconnect. One of the following results occur:

If the connection is to a wireless network, it is disconnected.

If the connection is to a dial-up network, the modem hangs up.

If the connection is to a VPN that was established separately over an existing network connection, the VPN is disconnected but the underlying network remains connected.

If the connection is to a VPN that was established at the same time as the underlying connection (such as a dial-up connection), then both the VPN and the underlying connection are disconnected.

Additional considerations A standard wired Ethernet connection cannot be disconnected by using this procedure. To

disconnect a wired connection, either unplug the network cable, or disable the network adapter. For more information about disabling a network adapter, see Enable or Disable a Plug and Play Device at http://go.microsoft.com/fwlink/?LinkId=102028.


2. Connections are displayed under the name of the network to which they are attached. There might be more than one connection to a specific network. In the right-hand column for the connection you want, click Disconnect. One of the following results occur:

If the connection is to a wireless network, it is disconnected.

If the connection is to a dial-up network, the modem hangs up.

If the connection is to a VPN that was established separately over an existing network connection, the VPN is disconnected but the underlying network remains connected.

If the connection is to a VPN that was established at the same time as the underlying connection (such as a dial-up connection), then both the VPN and the underlying

To disconnect a network by using the network icon in the notification areaTo disconnect a network by using the Network and Sharing Center



connection are disconnected.

Additional considerations You can also start the Connect to a network page by clicking Start, and then clicking

Connect To.

If you just created the connection, you might need to click the Refresh button just above and on the right side of the list of available connections.

A standard wired Ethernet connection cannot be disconnected by using this procedure. To disconnect a wired connection, either unplug the network cable, or disable the network adapter. For more information about disabling a network adapter, see Enable or Disable a Plug and Play Device at http://go.microsoft.com/fwlink/?LinkId=102028.

1. At a command prompt, type the following, and then press ENTER:

netsh wlan disconnect [[interface=]interface]

Value Description

interface Specifies the interface whose current wireless

connection is to be disconnected. Not required

if you only have one wireless interface installed

on your computer.

Formatting legend

Format Meaning



shown


Additional considerations To start a command prompt, click Start, click All Programs, click Accessories, and then


A standard wired Ethernet connection cannot be disconnected by using this procedure. To disconnect a wired connection, either unplug the network cable, or disable the network adapter. For more information about disabling a network adapter, see Enable or Disable a Plug and Play Device at http://go.microsoft.com/fwlink/?LinkId=102028.

To disconnect a wireless network by using a command prompt





Additional references For more information about the netsh command, see "Netsh Commands for Wireless Local

Area Network (wlan)" at http://go.microsoft.com/fwlink/?LinkId=81752.

For more information about wireless networking, see "Windows Vista Wireless Networking Evaluation Guide" at http://go.microsoft.com/fwlink/?LinkId=89052.

1. At a command prompt, type the following, and then press ENTER:

rasdial ProfileName /disconnect

Value Description

ProfileName Specifies the profile name for the connection to

the remote network.

Formatting legend

Format Meaning



shown


Additional references For more information about the rasdial command, see "Using Rasdial" at

http://go.microsoft.com/fwlink/?LinkId=89065.

Disconnect from a network in Windows 7 and Windows Server 2008 R2

You can use this procedure to disconnect a computer that is running Windows 7 or Windows

Server 2008 R2 from a wireless, VPN, or dial-up connection.


To disconnect a dial-up or VPN connection by using a command prompt






To disconnect from a network

1. Click the Network icon in the notification area. The Currently connected to dialog box opens.

2. In Currently connected to, click the network connection that you want to disconnect, and then click Disconnect.

Repair a LAN or High Speed Internet Connection

You can use the procedures in this section to attempt to repair the following types of connections.

LAN connections

Wireless network connections

Broadband Point-to-Point Protocol over Ethernet (PPPoE) connections

Before performing one of these procedures, you can also take the following steps:

1. If relevant, verify that the status lights on your digital subscriber line (DSL) or cable modem are indicating a good connection to your Internet service provider (ISP).

2. If the lights are not correct, try turning off the device and turning it back on.

3. If the lights still do not indicate a good connection, contact your ISP.

You can use the following sections to attempt to repair a connection.

Repair a connection in Windows Vista and Windows Server 2008

Repair a connection in Windows 7 and Windows Server 2008 R2

Repair a connection in Windows Vista and Windows Server 2008

You can use this procedure to attempt to repair a LAN or other connection.



Right-click the network icon ( ) in the notification area, and then click Diagnose and repair.

2. Follow the steps in the wizard to correct any error conditions.

Additional considerations Some diagnostic actions, such as resetting your network adapter, might require administrative

permissions. Before attempting these actions, ensure that you have the credentials for a user account that is a member of the Administrators group on the local computer.

You can also find the Diagnose and Repair option in the Tasks pane of Network and Sharing Center.

If a red X is displayed on one of the connections in the Network and Sharing Center map, you can click the X to begin the diagnose and repair process.

You can also diagnose a network connection by using the Network Connections folder. Right-click the connection you want, and then click Diagnose.

Repair a connection in Windows 7 and Windows Server 2008 R2

You can use this procedure to attempt to repair a connection.



You can perform this procedure in one of the following ways:

To repair a LAN or high-speed Internet connection using Network and Sharing Center

To repair a LAN or high-speed Internet connection using the network icon

1. Start Network and Sharing Center

2. In Network and Sharing Center, click Troubleshoot Problems.

3. The Troubleshoot problems – Network and Internet folder opens. In Network, select one of the following items:

Internet Connections. Specifies that you want to troubleshoot connections to the Internet or to specific web sites.

Shared Folders. Specifies that you want to troubleshoot access to shared files and folders on other computers.

To repair a LAN or high-speed Internet connectionTo repair a LAN or high-speed Internet connection using Network and Sharing Center

HomeGroup. Specifies that you want to troubleshoot connections to computers or shared files in a homegroup.

Note

The HomeGroup option is not available if you are running Windows

Server 2008 R2.

Network Adapter. Specifies that you want to troubleshoot Ethernet, wireless, or other network adapters.

Incoming Connections. Specifies that you want to troubleshoot incoming connections to your computer from other computers.

Connection to a Workplace Using DirectAccess. Specifies that you want to troubleshoot connections to your workplace over the Internet using DirectAccess.

4. If you have a printer connected to the local computer and you want to troubleshoot printing problems, select Printer. If you do not have a printer connected to the local computer, this option is not available.

5. Follow the instructions that are provided by the troubleshooting wizard that appears based on your selection above.

1. Right-click the network icon in the taskbar notification area, and then click Troubleshoot problems. The Windows Network Diagnostic wizard opens.

2. Follow the steps in the wizard to correct error conditions.

Additional considerations Some diagnostic actions, such as resetting your network adapter, might require administrative

permissions. Before attempting these actions, ensure that you have the credentials for a user account that is a member of the Administrators group on the local computer.

Secure Network Connections

This section documents procedures to secure the data you transmit from your computer to the

other computers and networks to which you are connected.

Whenever you connect your computer to another computer or to a network, you risk exposing

your computer to several threats. Some of the common threats, such as malware (viruses,

spyware or other malicious software) are addressed by using antivirus and anti-spyware

programs.

In addition, the data you send and receive over the network can potentially be intercepted and

examined. To protect the confidentiality of your data, you can configure identity authentication and

data encryption for the traffic and data of your network sessions.

To repair a LAN or high-speed Internet connection using the network icon


Secure network connections in Windows Vista and Windows Server 2008

Secure network connections in Windows 7 and Windows Server 2008 R2

Configuring Terminal and Scripting Options

Secure network connections in Windows Vista and Windows Server 2008

You can use the following sections to secure connections in Windows Vista and Windows

Server 2008.

Configure identity authentication and data encryption settings

Enable smart card or other certificate authentication

Configure identity authentication and data encryption settings

You can use this procedure to configure the security settings of a network connection.

Changing the security settings for your network connections can increase the protection provided

to your computer and the data going through the network connection to your computer. Use the

strongest security settings that both your local computer and the host to which you are connecting

can support. Check with the administrator of the remote network host to determine the settings

that are supported by that computer.



2. Right-click the network connection that you want to configure, and then click Properties.

3. On the Security tab, do one of the following:

To select preconfigured combinations of identity authentication methods and data encryption requirements, click Typical (recommended settings), and then in Validate my identity as follows, click a method to use for validation.

Depending on your Validate my identity as follows selection, you can select

(enable) or clear (disable) the Automatically use my Windows logon name and

password (and domain if any) or Require data encryption (disconnect if none)

check boxes. If Require data encryption (disconnect if none) is not enabled,

encryption is optional.

To configure identity authentication and data encryption settings

The following tables shows which selections are available.

Security settings for dial-up and broadband (PPPoE) connections

Validate my identity as

follows

Automatically use my

Windows logon name and

password (and domain if

any)

Require data encryption

(disconnect if none)

Allow unsecured

password

Unavailable Unavailable

Require secured

password

Available Available

Use smart card Unavailable Available

Security settings for VPN connections

Validate my identity as

follows

Automatically use my

Windows logon name and

password (and domain if

any)

Require data encryption

(disconnect if none)

Require secured

password

Available Available (enabled by

default)

Use smart card Unavailable Available (enabled by

default)

To individually enable, configure, and disable authentication methods and encryption requirements, click Advanced (custom settings), and then click Settings.

To prevent encryption, in Data encryption, click No encryption allowed (server will disconnect if it requires encryption).

Enable smart card or other certificate authentication

You can use this procedure to configure smart card or other certificate-based authentication.

Smart card and certificate authentication are considered to be more secure than the traditional

combination of a user name and password. Knowledge of the user name and password is

inadequate, and you must have access to the smart card or certificate in order to complete the

connection. Certificates, including those embedded in a smart card, are encrypted and can be

validated against a trusted certification authority.

Check with the administrator of the remote host to which you want to connect for the security

options supported by that computer.



2. Right-click the dial-up, virtual private network (VPN), or broadband (PPPoE) connection on which you want to use smart card or other certificate authentication, and then click Properties.

3. If you are using typical settings for your smart card, on the Security tab, click Typical (recommended settings), and in the Validate my identity as follows list, click Use smart card, and then click OK.

4. If you are individually enabling, configuring, and disabling authentication methods and encryption requirements, on the Security tab, click Advanced (custom settings), and then click Settings.

5. In Logon security, click Use Extensible Authentication Protocol (EAP), select Smart card or other certificate (encryption enabled) from the list, click Properties, and then do the following:

If you want to use the certificate on your smart card, click Use my smart card.

If you want to use the certificate in the certificate store on your computer, click Use a certificate on this computer.

If you want to verify that the server certificate presented to your computer has not expired, has the correct signature, and has a trusted root certification authority, select the Validate server certificate check box.

If you only want to connect to specific servers, select the Connect to these servers, and then type the name of the servers.

If you want to specify that the root certification authority for your server certificate must be in a particular root certification authority, in Trusted root certification authority, click the appropriate certification authority.

If you want to use a different user name when the user name in the smart card or certificate is not the same as the user name in the domain that you are logging on to, select the Use a different user name for the connection check box.

Additional considerations If, for example, you work for a consulting company where you need to log on to the domain of

the company to which you are assigned, but your smart card contains a user name specific to your home company, select the Use a different user name for the connection check box.

To enable smart card or other certificate authentication

If you select the Use a different user name for the connection check box, your certificate is exported without private keys and submitted to the administrator of your remote server to be explicitly mapped to your domain user account.

Additional references For more information about smart cards, see "Smart Cards" at

http://go.microsoft.com/fwlink/?LinkId=89077.

Secure network connections in Windows 7 and Windows Server 2008 R2

You can use the following sections to configure data encryption and authentication settings for

network connections.

Configure data encryption for a connection

Configure Extensible Authentication Protocol (EAP) for connections

Configure data encryption for a connection

You can use this procedure to configure data encryption for a network connection.



2. Right-click the network connection that you want to configure, and then click Properties. The connection Properties dialog box opens.

3. In the connection Properties dialog box, click the Security tab. Click Data encryption, and select one of the following settings:

No encryption allowed (server will disconnect if it requires encryption). With this setting, you are specifying that the local computer will not allow encrypted connections with the network access server. If the network access server, such as a dial-up or VPN server, allows unencrypted connections, the connection might be allowed. If the network access server is configured to require encryption, the network access server will deny the connection because the connecting computer is not configured to allow encrypted connections. This setting is not recommended because it does not enable the additional security that encryption provides.

To configure data encryption for a network connection


Optional encryption (connect even if no encryption). With this setting, you are specifying that the local computer can connect to a network access server with or without data encryption for the connection. This setting is not recommended because it is possible to connect to a network access server that does not require encryption. In this circumstance, an unencrypted connection might be established, and the data that flows between your computer and the network access server is unprotected by data encryption.

Require encryption (disconnect if server declines). With this setting, you are specifying that the local computer requires data encryption. If the network access server is configured to provide encrypted connections, an encrypted connection might be established. If the network access server is configured to provide unencrypted connections only, and therefore declines to establish an encrypted connection, the local computer disconnects and no connection is established. This setting is recommended because it prevents the creation of unencrypted connections, allowing only connections that are protected by data encryption.

Maximum strength encryption (disconnect if server declines).With this setting, you are specifying that the local computer requires maximum strength encryption for all connections to network access servers. If the network access servers to which you connect do not support the strongest forms of encryption, the local computer disconnects and no connection is established.

4. Click OK.

Configure Extensible Authentication Protocol (EAP) for connections

You can use this procedure to configure EAP settings in 802.1X wired and wireless, VPN, dial-up,

and Broadband connection properties.

Use the following sections to configure EAP:

To configure Microsoft: Protected EAP (PEAP)

To configure Microsoft: Secured password (EAP-MSCHAP v2)

To configure Microsoft: Smart card or other certificate




3. In the connection Properties dialog box, click the Security tab. In Authentication and Use Extensible Authentication Protocol (EAP), click the arrow to expand the list, and

To configure Microsoft: Protected EAP (PEAP)

then click Microsoft: Protected EAP (PEAP).

4. Click Properties. The Protected EAP Properties dialog box opens.

5. In When connecting, ensure that Validate server certificate is selected.

Note

This setting ensures that the client computer verifies the identity of the remote

access server to which you connect. To verify the remote access server identity,

the client computer downloads and checks the remote access server certificate,

allowing the connection only when the certificate is issued by a certification

authority (CA) that the client computer trusts. Trust is established if the CA

certificate exists in the Trusted Root Certification Authorities store on the local

computer.

6. In When connecting, ensure that Connect to these servers is selected. Type the fully qualified domain name (FQDN) or the IP address of the VPN server(s) to which you want to connect.

7. In Trusted Root Certification Authorities, select the checkbox of the CA that issued the remote access server certificate and that you trust. For example, if you are connecting to a remote access server in the Contoso domain, select the CA certificate that is named Contoso Corporate Root Authority, Contoso Corporate Root CA, or something similar.

8. Ensure that Do not prompt user to authorize new servers or trusted certification authorities is not selected unless you have specific reasons to enable this setting.

9. In Select Authentication Method, click the arrow to expand the list, and then click either Secured Password (MS-CHAP v2) or Smart Card or other certificate.

Note

If you select Secured Password (MS-CHAP v2), you are configuring the

authentication method named PEAP-MS-CHAP v2. With this authentication

method, the client computer verifies the identity of the remote access server by

downloading and processing the remote access server certificate. In addition, so

that the remote access server can verify your identity, you are required to type a

user name and password, which the remote access server then verifies against

the organization user accounts database. If you select Smart Card or other

certificate, you are configuring the authentication method PEAP with Transport

Layer Security (PEAP-TLS). With this authentication method, the client computer

verifies the identity of the remote access server by downloading and processing

the remote access server certificate. In addition, so that the remote access

server can verify your identity, the remote access server downloads and

processes a certificate that is stored on your smart card or in the certificate store

on the local computer.

10. Click Configure.

11. If you selected Secured Password (MS-CHAP v2) in Select Authentication Method,

the EAP-MSCHAPv2 Properties dialog box opens. In When connecting, click Automatically use my Windows logon name and password (and domain, if any) if you do not want to be prompted to type your user name and password and if your correct user name and password for this connection are already stored by Windows on your computer. If your computer is a domain joined computer, Windows probably has your user name and password stored; if it is not, it probably does not. Click OK.

12. If you selected Smart Card or other certificate in Select Authentication Method, the Smart Card or other Certificate Properties dialog box opens.

a. In When connecting, click Use my smart card if you have a smart card; otherwise, click Use a certificate on this computer. If you choose Use a certificate on this computer, it’s recommended that you also click Use simple certificate selection, which allows Windows to choose the computer or user certificate that is best suited for the connection.

b. Ensure that Validate server certificate is selected.

c. Also ensure that Connect to these servers is selected. Type the fully qualified domain name (FQDN) or the IP address of the VPN server(s) to which you want to connect.

d. In Trusted Root Certification Authorities, select the checkbox of the CA that issued the VPN server certificate and that you trust.

e. Ensure that Do not prompt user to authorize new servers or trusted certification authorities is not selected unless you have specific reasons to enable this setting.

f. Click Use a different user name for the connection if you want to specify a different user name when connecting to the VPN server, and then click OK.

13. In Select Authentication Method, ensure that Enable Fast Reconnect is not selected. This setting is primarily used for wireless connections and allows roaming laptops to be reauthenticated quickly when they move between multiple wireless access points that are configured as Remote Authentication Dial In User Service (RADIUS) clients to the same RADIUS server. Because this is a VPN connection, this setting is not needed.

14. Click Enforce Network Access Protection (NAP) if your organization uses NAP.

15. Click Disconnect if server does not present cryptobinding TLV if your organization supports this level of security for remote access connections.

16. Click Enable Identity Privacy if your organization supports this level of security for remote access connections, and then type the Identity Privacy key in the text box.

17. Click OK.



3. In the connection Properties dialog box, click the Security tab. In Authentication and Use Extensible Authentication Protocol (EAP), click the arrow to expand the list, and then click Microsoft: Secured password (EAP-MSCHAP v2).

To configure Microsoft: Secured password (EAP-MSCHAP v2)

Note

When you select Microsoft: Secured Password (MS-CHAP v2), you are

configuring the authentication method EAP-MS-CHAP v2. With this

authentication method, the client computer verifies the identity of the remote

access server by downloading and processing the remote access server

certificate. In addition, so that the remote access server can verify your identity,

you are required to type a user name and password, which the remote access

server then verifies against the organization user accounts database. EAP-MS-

CHAP v2 is less secure than PEAP-MS-CHAP v2.

4. Click Properties. The EAP-MSCHAPv2 Properties dialog box opens. In When connecting, click Automatically use my Windows logon name and password (and domain, if any) if you do not want to be prompted to type your user name and password and if your correct user name and password for this connection are already stored by Windows on your computer. If your computer is a domain joined computer, Windows probably has your user name and password stored; if it is not, it probably does not. Click OK.



3. In the connection Properties dialog box, click the Security tab. In Authentication and Use Extensible Authentication Protocol (EAP), click the arrow to expand the list, and then click Microsoft: Smart card or other certificate. The Smart Card or other Certificate Properties dialog box opens.

Note

When you select Microsoft: Smart Card or other certificate, you are

configuring the authentication method EAP-TLS. With this authentication method,

the client computer verifies the identity of the remote access server by

downloading and processing the remote access server certificate. In addition, so

that the remote access server can verify your identity, the remote access server

downloads and processes a certificate that is stored on your smart card or in the

certificate store on the local computer. EAP-TLS is less secure than PEAP-TLS.

4. In the Smart Card or other Certificate Properties dialog box, configure the following items.

a. In When connecting, click Use my smart card if you have a smart card; otherwise, click Use a certificate on this computer. If you choose Use a certificate on this computer, it’s recommended that you also click Use simple certificate selection, which allows Windows to choose the computer or user certificate that is best suited for the connection.

b. Ensure that Validate server certificate is selected.

To configure Microsoft: Smart card or other certificate

c. Also ensure that Connect to these servers is selected. Type the fully qualified domain name (FQDN) or the IP address of the remote access server(s) to which you want to connect.

d. In Trusted Root Certification Authorities, select the checkbox of the CA that issued the remote access server certificate and that you trust.

e. Ensure that Do not prompt user to authorize new servers or trusted certification authorities is not selected unless you have specific reasons to enable this setting.

f. Click Use a different user name for the connection if you want to specify a different user name when connecting to the remote access server, and then click OK.

Configuring Terminal and Scripting Options

Windows provides the ability to execute commands manually or to specify scripts that are

executed during the logon process for a remote computer or network. This section describes how

to configure your remote access connection to use these features.


Use the Terminal feature to log on to a remote computer

Activate a logon script

Use the Terminal feature to log on to a remote computer

You can use this procedure to configure your dial-up connection to display a terminal window to

the remote computer that you can use to log on to the remote system.



2. Right-click the dial-up connection on which you want to use Terminal, and then click Properties.

3. On the Security tab, under Interactive logon and scripting, select the Show terminal window check box.

4. After you connect, the After Dial Terminal window appears and prompts you from the remote computer display.

5. Use the After Dial Terminal window to log on to the remote computer.

To use the Terminal feature to log on to a remote computer

6. After you have completed all interactions with the remote computer, click Done. At this point, authentication on the remote access server begins.

Additional considerations If the logon sequence does not vary, you can write a script that automatically passes

information to the remote computer during the logon sequence, which enables completely automatic connections. For more information, see Activate a logon script.

Activate a logon script

You can use this procedure to configure your dial-up connection to run a series of commands

from a script.

The scripting capability for dial-up networking allows your computer to recognize requests for

logon information, and supply it in a manner that the remote system requires. Windows includes a

sample file named Switch.inf that contains information about how to modify it to do basic logon

tasks.

This procedure activates the logon script to run the next time you start the connection. Every time

Windows uses this connection, Windows runs the commands found in script file you select in the

procedure below.



2. Right-click the dial-up connection on which you want to activate a script, and then click Properties.

3. On the Security tab, select the Run script check box.

4. To use a script file of your own, click Browse, and then locate the script you want to use.

5. Or, to use the default script Switch.inf, click Edit.

If you click Edit, and then open Switch.inf by using Notepad, immediately click Save As

to resave the file with a different file name so as to preserve the default Switch.inf file.

To activate a logon script

Manage Network Discovery, File and Printer Sharing

You can use the procedures in this section to enable or disable network discovery, file sharing,

and printer sharing.

Network discovery enables a set of Windows Firewall rules that allow your computer to be found

by other computers on the network. When network discovery is turned off, Windows Firewall

prevents your computer from responding to network discovery protocol traffic.

By default, file sharing, printer sharing, and network discovery are not enabled.

There are several types of file sharing and printer sharing that you can configure:

File sharing. When this is turned on, Windows Firewall allows standard users to choose whether to share files or folders in their profiles, that is, files and folders under %systemroot%\Users\%username%. Administrators can share any file or folder on the computer.

Public folder sharing. Turning this on automatically shares the folder found at %systemroot%\Users\Public. Turning on public folder sharing automatically turns on file sharing, which is required.

Printer sharing. Turning this on shares the printers which are installed on this computer so they can be used from other computers on the network. Selecting the Printer Sharing option automatically selects the File Sharing option, which is required.

Password protected sharing. This option is available on computers that are not joined to a domain. Turning this option on restricts access to shared resources to only those users that have valid user accounts and passwords on this computer. To grant access to a shared folder on this computer to a user on another computer, you must create a user name and password on this computer and supply them to the other user for use when accessing this shared folder.

You can use the following sections to complete this task:

Configure Sharing and Discovery in Windows Vista and Windows Server 2008

Configure Sharing and Discovery in Windows 7 and Windows Server 2008 R2

Configure Sharing and Discovery in Windows Vista and Windows Server 2008

You can use the following procedures to enable sharing and network discovery:

To enable network discovery

To enable file sharing or printer sharing

Note

To enable public folder sharing

To enable password protected sharing




2. Click the down arrow button next to Network Discovery.

3. To allow your computer to be found by other computers on the network, click Turn on network discovery.

4. To prevent your computer from being found by other computers on the network, click Turn off network discovery.

5. Click Apply.

6. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

Additional considerations To use the Ping tool you must enable File Sharing. Turning on Network Discovery does not

enable the ports used by Internet Control Message Protocol (ICMP), the protocol used by Ping.

If you have firewall software installed, it can affect your ability to use Ping or other diagnostic networking tools. To use Ping, ensure that your firewall software is configured to allow ICMP protocol packets.


2. Click the down arrow button next to either File Sharing or Printer Sharing.

3. To allow users to share files or folders, or to share printers, click Turn on file sharing or Turn on printer sharing.

4. Click Apply.


Additional considerations Firewall software blocks network sharing by default for security. To use file sharing or printer

sharing in Windows, you must ensure that your firewall software is configured to allow the appropriate networking protocols to communicate. Consult the documentation that came with your firewall software.

Turning on printer sharing automatically turns on file sharing, because printer sharing uses the same protocols as file sharing, and requires the same Windows Firewall rules to be

To enable network discovery To enable file sharing or printer sharing

enabled. However, the reverse is not true: turning on file sharing will not automatically turn on printer sharing.

To allow some users to share files, but prevent others, see Enable or disable File Sharing with Group Policy.


2. Click the down arrow button next to Public Folder Sharing.


To disable public folder sharing, click Turn off sharing (people logged on to this computer can still access this folder).

To allow network users to read but not modify the files or folders, click Turn on sharing so anyone with network access can open files.

To allow network users to read, modify, create, or delete files or folders, click Turn on sharing so anyone with network access can open, change and create files.

4. Click Apply.


Additional considerations To enable public folder sharing, but prevent users from sharing files or folders in their own

folders, enable public folder sharing as shown, and then follow the procedure in Enable or disable File Sharing with Group Policy.


2. Click the down arrow button next to Password protected sharing.


To disable password protected sharing, click Turn off password protected sharing.

To enable password protected sharing, click Turn on password protected sharing.

4. Click Apply.


Additional considerations Turning this option on restricts access of shared resources to only those users with valid user

accounts and passwords on this computer. To grant access to a shared folder on this computer to a user on another computer, you must create a user name and password on this computer and supply them to the other user. If the user name and password they use to log on to their computer is different, then they will be asked to supply credentials when accessing a shared folder.

To enable public folder sharing To enable password protected sharing

Configure Sharing and Discovery in Windows 7 and Windows Server 2008 R2

You can use this procedure to configure specific sharing and discovery options for each network

profile that you use on your computer. Following are the three network profile types that might be

available for you to configure in Network and Sharing Center:

Home or Work. Configure this profile for networks that have a network location of Home or Work. This profile and network location should be used only in circumstances where you trust all of the computers on the network.

Public. Configure this profile for networks that have a network location of Public. This profile and network location should be used for all networks that include computers that you do not own or trust, such as public networks at coffee shops and airports.

Domain. Configure this profile for networks that have a network location of Domain. This profile and network location should be used and is available only for network connections that connect to a domain.

After you select a network profile to configure, there are multiple options that you can modify. The

following table displays the options that are available for each network profile.

Option below is

available on:

Home or Work Public Domain

Network discovery Yes Yes Yes

File and printer sharing Yes; printer sharing

available only if a

printer is connected

Yes; printer sharing

available only if a


Yes; printer sharing

available only if a


Public folder sharing Yes Yes Yes

Media streaming Yes for Windows 7

only

Yes for Windows 7

only

Yes for Windows 7

only

File sharing

connections

Yes for Windows 7

only

Yes for Windows 7

only

Yes for Windows 7

only

HomeGroup

connections

Yes for Windows 7

only

No No

Password protected

sharing

Yes for Windows

Server 2008 R2 only

Yes for Windows

Server 2008 R2 only

Yes for Windows

Server 2008 R2 only




2. In the Network and Sharing Center left pane, click Change advanced sharing settings. The Advanced sharing settings folder opens.

3. In Advanced sharing settings, in Change sharing options for different network profiles, click the arrow next to the network profile that you want to configure, and then select the options that you prefer.

Manage the Network Icon, Network Location, and Network Map

You can use this section to review the meaning of Network and Sharing Center icons, to modify

the behavior of the Network icon in the taskbar notification area, and to perform other actions for

Network Map and the Network Location wizard.

You can use the following procedures to perform these tasks:

Review Network and Sharing Center icons

Display the Network Map

Configure network icon animation in Windows Vista and Windows Server 2008

Enable or disable notification of new networks

Specify a network location for an active network in Windows 7 and Windows Server 2008 R2

Turn off the Network Location wizard

Customize networks in Windows Vista and Windows Server 2008

Display or hide the network icon in the notification area

Review Network and Sharing Center icons

You can use this topic to review the meaning of icons that are displayed in Network and Sharing

Center.

Network and Sharing center displays icons that represent available network connections. These

icons include elements that are layered on top of each other to convey status information about

that connection.

To configure sharing and discovery options for network profiles

Icon Description Icon

The network connection is enabled and

connected.

The network connection is disabled or not

connected.

Wired LAN connection.

Wireless network connection.

Virtual private network (VPN) connection.

Dial-up network connection.

A network connection created with Connection

Manager.

Bluetooth personal area network (PAN)

connection.

Point-to-Point Protocol over Ethernet (PPPoE)

connection.

On a wired LAN connection, this indicates that

the network cable is disconnected or broken. In

the case of a wireless network adapter, it

indicates that it is not currently associated with

an access point.

Indicates that this is the default network

connection.

No modem is available for a dial-up connection.

Network bridge - indicates that one or more of

the high speed network connections are

bridged through this computer.

Display the Network Map

You can use this procedure to display the Network Map.

The Network Map allows you to see the devices on your local subnet, and how they are

connected to each other and to the Internet. The computer on which you generate the map is

displayed in the upper left corner. Other computers on your subnet are listed to the left.

Infrastructure devices, such as switches, hubs, and gateways to other networks are shown to the

right.



2. On the right side of the Status section, click View full map.

Note

In Windows 7 and Windows Server 2008 R2, click See full map.

Additional considerations

By default, the Network Map works only on a network with a location type of Private or Home.

Network Map does not display network or device information for networks that have a Public or

Domain location type, unless your configuration includes the following requirements:

The Group Policy settings for Link Layer Topology Discovery (LLTD) are enabled.

The LLTD Responder is installed.

Print and File Sharing are not blocked by Windows Firewall or third party firewall software.

Configure network icon animation in Windows Vista and Windows Server 2008

You can use this procedure to enable or disable the animation of the Network icon in the

notification area. If enabled, the animation displays network activity. By default, the animation is

not displayed.


Right-click the network icon in the notification area ( ).


If the animation is currently disabled, click Turn on activity animation.

If the animation is currently enabled, click Turn off activity animation.

Additional considerations If you enable the animation, whenever network traffic occurs, the icon changes to show the

monitor screens illuminated. This animation is not indicative of the amount of traffic, or the direction in which it is flowing. It only indicates that some network traffic is detected.

To display the Network Map To enable or disable network activity animation in the icon

Enable or disable notification of new networks

You can use this procedure to enable or disable the notifications that Windows Vista and

Windows Server 2008 display when a new network is detected. By default, notification of new

networks is enabled.


1. Right-click the network icon in the taskbar notification area.


If notification is currently disabled, click Turn on notification of new networks.

If notification is currently enabled, click Turn off notification of new networks.

Specify a network location for an active network in Windows 7 and Windows Server 2008 R2

You can use this procedure to specify whether an active network is a Home network, Work

network, or a Public network.

In some cases, it is not possible to change the network location for an active network. For

example, if your network is a domain network that is managed by a network

administrator, you might not be able to change the network location using this procedure.

For networks whose network location cannot be changed, there is no link below the

network name for you to click, as described in the procedure below.


1. Start Network and Sharing Center

2. In View your active networks, click the link below an active network name. For example, if you have a network named Network 1 and there is a link below the network name, click the link. The Set Network Location dialog box opens.

3. In the Set Network Location dialog box, click one of the following items:

Home network. Specifies that all of the computers on your network are trusted and

To enable or disable notification of new networksImportant

To specify a network location for an active network

secure. Do not select this item if the active network contains computers that you do not own and trust. For example, do not select this item if the active network is in a public place.

Work network. Specifies that all of the computers on the active network are at your workplace. Do not select this item if the active network is in a public place.

Public network. Specifies that the active network is in a public location, such as an airport or a coffee shop, and that there are computers on the network that are owned and operated by people that you do not know. This network location is recommended for all networks to which you connect other than your home and work networks.

4. Windows changes the network location and displays the Set Network Location dialog box with a summary of your network location. Review the summary, and then click Close.

Turn off the Network Location wizard

You can use this procedure to disable the Network Location wizard for all users on a computer or

for a specific user.


The Network Location wizard provides the option of setting the default network as Home, Work,

or Public location. Unless your network is part of a domain, the default setting for your network

is Public location. If your network is not part of a domain, the Public location setting is

recommended.

If you are an administrator, you can turn off the Network Location wizard, either for all users on a

computer or only for a specific user, by creating a new registry key.

You can turn off the Network Location wizard for all users on the computer by creating the

following registry key:

HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff

When this key is configured on the local computer, the wizard is disabled, regardless of the value

configured for the key. When a user connects the computer to any new network and this key is

present, the wizard is turned off and does not appear.

1. Click Start, and then click Run.

2. In the Open box, type regedit, and then click OK.

Registry Editor opens.

3. In Registry Editor, click Edit, click New, and then click Key.

4. Type the following registry entry:

HKLM\System\CurrentControlSet\Control\Network\NewNetworkWindowOff

To turn off the Network Location Wizard for all users on a computer

You can turn off the Network Location wizard for the current user on the computer by creating the

following registry key:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network\NwCategoryWizard\Show

In order to disable the wizard for the user, the key must be present and its value set to 0. When

the computer is connected to any new network and the key is present, the wizard does not

appear for that user. The wizard does appear for other users on the computer, unless they too

have set the key for disabling the wizard.

1. Click Start, and then click Run.

2. In the Open box, type regedit, and then click OK.

Registry Editor opens.

3. In Registry Editor, click Edit, click New, and then click DWORD (32-bit) Value.

4. Type the following registry entry:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network\

NwCategoryWizard\Show

5. Configure the registry key with a value of 0.

Customize networks in Windows Vista and Windows Server 2008

You can use this procedure to customize the way a network is displayed in the Network and

Sharing Center for standard users.

When Windows detects a new network, it is displayed in the Network and Sharing Center by

using the Domain Name System (DNS) domain name associated with that network. A default icon

appears, based on the selection of public, private, or domain network that is assigned to the

network. You can change the displayed name to something more recognizable to the user on the

computer, such as "Contoso Corporate Network" rather than the default of something similar to

"corp.contoso.com". You can also change the icon that appears.

If the network is not associated with a domain, then you can also choose between private and

public network location types.

Your selection of a network location type has security implications that you must

understand. Selecting the private network location type allows more network services to

operate than are appropriate on a public network. Ensure that you select the network

location type appropriate for your network.



To turn off the Network Location Wizard for the current userCaution


2. On the right-hand edge of the window, click Customize next to the network you want to change.

3. In the Network name text box, enter the display text you want Windows to use to identify your network.

4. In the Location type section, select either Public or Private. This option is only available if the computer is not a member of a domain on this network.

5. Click Change to select an icon, or to choose a custom icon to represent your network.

6. If Windows has created multiple network locations for a network that you want treated as a single network, you can click Merge or delete network locations to consolidate them, or to delete locations you no longer need.

Display or hide the network icon in the notification area

You can use the following procedures to display or hide the network icon in the taskbar

notification area.

Display or hide the network icon in Windows Vista and Windows Server 2008

Display or hide the network icon in Windows 7 and Windows Server 2008 R2

Display or hide the network icon in Windows Vista and Windows Server 2008

You can use this procedure to display or hide the network icon in the notification area of the

taskbar.


1. Right-click the Start button, and then click Properties.

2. Click the Notification Area tab.


To display the icon, select the Network check box.

To hide the icon, clear the Network check box.


To customize the appearance of a network in the Network and Sharing CenterTo display or hide the network icon in the notification area

Additional considerations The network icon provides the easiest access to the Network and Sharing Center from your

desktop. If you remove the icon, then you can access the Network and Sharing Center by clicking Start, clicking Control Panel, clicking Network and Internet, and then clicking View Network status and tasks.

Display or hide the network icon in Windows 7 and Windows Server 2008 R2

You can use this procedure to display or hide the network icon in the notification area of the

taskbar.


1. Right-click the Start button, and then click Properties. The Taskbar and Start Menu Properties dialog box opens.

2. In the Taskbar and Start Menu Properties dialog box, click the Taskbar tab. In Notification area, click Customize. The Notification Area Icons page opens.

3. If the Always show icons and notifications on the taskbar check box is selected and you want to change the settings for individual items in the list, click Always show icons and notifications on the taskbar to deselect the checkbox. This action makes individual list items available for configuration.

4. In Select which icons and notifications appear on the taskbar, scroll down to and click Network, and then select one of the following items:

Show icon and notifications

Hide icon and notifications

Only show notifications


Additional considerations The network icon provides the easiest access to the Network and Sharing Center from your

desktop. If you remove the icon and you want to start Network and Sharing Center, see Start Network and Sharing Center.

To display or hide the network icon in the notification area

Configure Network and Sharing Center for a Managed Network

You can use the procedures in this section to configure how different features of the Network and

Sharing Center are deployed in a managed network environment.

Most of the procedures in this section use Group Policy. If you edit policy settings locally on a

computer, you will affect the settings on only that one computer. If you configure the settings in a

Group Policy object (GPO) hosted in an Active Directory domain, then the settings apply to all

computers that are subject to that GPO. For more information about Group Policy in an

Active Directory domain, see Group Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

This section includes the following tasks for administering the Network and Sharing Center:

Configure network connection restrictions with Group Policy

Enable or disable File Sharing with Group Policy

Enable or disable Internet Connection Sharing with Group Policy

Enable or disable Network Bridge with Group Policy

Use the Network Configuration Operators group

Configure the Network Map

Configure network connection restrictions with Group Policy

You can use this procedure to configure some restrictions on network connections by using

Group Policy. These settings are all found in the Group Policy Management Console (GPMC) at

the following location:

User Configuration\Administrative Templates\Network\Network Connections

The following Group Policy settings can be edited and applied to users that are members of the

Group Policy object (GPO) in which the Group Policy setting is included. By default, the Group

Policy settings are not configured.

Prohibit deletion of remote access connections. If you enable this Group Policy setting, then affected users cannot delete any remote access connections, including those they create themselves.

Prohibit access to the Remote Access Preferences item on the Advanced menu. If you enable this Group Policy setting, then affected users cannot access the Remote Access Preferences setting on the Advanced menu of the Network Connections folder. The top menu bar, including the Advanced menu, appears when you press the ALT key.

Prohibit access to properties of a LAN connection. If you enable this Group Policy setting, then affected users cannot change any of the properties of a LAN connection.


Ability to change properties of an all user remote access connection. If you enable this Group Policy setting, then affected users can modify the properties of a remote access connection that is shared with the other users on the computer. By default, standard users can only modify properties for a connection that is not shared.

Prohibit connecting and disconnecting a remote access connection. If you enable this Group Policy setting, then affected users cannot connect by using any remote access connection, or disconnect any that are currently connected.

Prohibit changing properties of a private remote access connection. If you enable this Group Policy setting, then affected users cannot change the remote access connection properties that are not shared. By default, standard users can modify connections that are not shared.

Prohibit renaming private remote access connections. If you enable this Group Policy setting, then affected users cannot rename remote access connections that are not shared. By default, standard users can modify connections that are not shared.



1. Click Start, then in the Start Search box, type gpmc.msc, but do not press ENTER.

2. When the icon for GPMC.msc appears on the Programs list at the top of the Start menu, right-click it, and then click Run as administrator.

If the User Account Control dialog box appears, ensure it is for the action you

requested, and then enter your administrator credentials.

If you edit policy settings locally on a computer, you will affect the settings on only that

one computer. If you configure the settings in a Group Policy object (GPO) hosted in an

Active Directory domain, then the settings apply to all computers that are subject to that

GPO. For more information about Group Policy in an Active Directory domain, see Group

Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

1. Log on as the user for which you want to apply these Group Policy settings.

2. Open Group Policy Management Console as an administrator.

3. In the navigation pane, open User Configuration\Administrative Templates\Network\Network Connections.

4. In the details pane, double-click one of the Group Policy settings described above.


To enforce the Group Policy setting on the currently logged on user, select Enabled, click Apply, and then click OK.

To not enforce the Group Policy setting on the currently logged on user, select Disabled, click Apply, and then click OK.

6. After you have modified all of the Group Policy settings you want, close Group Policy Management Console.

To open the Group Policy Management Console as an administratorTo enable or disable a Network Connections restriction policy for the current user


7. Log off and log back on as the user to enforce the changes you made.

Enable or disable File Sharing with Group Policy

You can use this procedure to enable or disable a user's ability to share files within his or her

profile.

A member of the Administrators or Network Configuration Operators group can enable or disable

network sharing. This Group Policy setting affects only the users or groups to which it is applied,

and prevents that user or group from sharing their folders even if folder sharing is enabled at the

computer level.

By default, this setting is not configured. If you enable this setting, users will not be able to share

files within their profile.



1. Start Group Policy Management Console (GPMC). To do so, click Start, and then in the Start Search box, type gpmc.msc.

2. In the navigation pane, open the following folders: Local Computer Policy, User Configuration, Administrative Templates, Windows Components, and Network Sharing.

3. In the details pane, double-click Prevent users from sharing files within their profile.


To enable the Group Policy setting, and disable the user's ability to share files, click Enabled.

To disable the Group Policy setting, and enable the user's ability to share files, click Disabled.


Additional considerations If you edit policy settings locally on a computer, you will affect the settings on only that one

computer. If you configure the settings in a Group Policy object (GPO) hosted in an Active Directory domain, then the settings apply to all computers that are subject to that GPO. For more information about Group Policy in an Active Directory domain, see Group Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

To enable or disable file sharing for a user or group by using Group Policy


Enable or disable Internet Connection Sharing with Group Policy

You can use this procedure to enable or disable Internet Connection Sharing (ICS).

ICS allows a computer that is connected to both a private and public network to share access to

the public network with all computers on the private network. In an enterprise environment where

you want to control access to the public network, you can disable ICS on all other computers to

reduce the risk of unmanaged access to the public network.

If you disable ICS on a computer, the following results occur:

The ICS service cannot be started or configured.

The Advanced tab in the Connection Properties dialog box is removed.

The Internet Connection Sharing page is removed from the New Connection page.

The Network Setup page is disabled.



1. Open Group Policy Management Editor. To do so, click Start, and then in the Start Search box, type mmc gpedit.msc.

2. In the navigation pane, open the following folders: Local Computer Policy, Computer Configuration, Administrative Templates, Network, and Network Connections.

3. In the details pane, double-click Prohibit use of Internet Connection Sharing on your DNS domain network.


To enable the Group Policy setting, and disable ICS, click Enabled.

To disable the Group Policy setting, and enable ICS, click Disabled.


Additional considerations If you move the computer to a different Domain Name System (DNS) domain after applying

or refreshing the Group Policy setting, the change will not take effect until the Group Policy setting is refreshed again.

If you edit policy settings locally on a computer, you will affect the settings on only that one computer. If you configure the settings in a Group Policy object (GPO) hosted in an Active Directory domain, then the settings apply to all computers that are subject to that GPO. For more information about Group Policy in an Active Directory domain, see Group Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

To enable or disable Internet Connection Sharing


Enable or disable Network Bridge with Group Policy

You can use this procedure to enable or disable the user's ability to install and configure a

network bridge.

The Network Bridge setting, if enabled, allows users to create a Layer 2 Media Access Control

(MAC) bridge, enabling them to connect two or more physical network segments together. A

network bridge thus allows a computer that has connections to two different networks to share

data between those networks.

In an enterprise environment, where there is a need to control network traffic to only authorized

paths, you can disable the Network Bridge setting on a computer. If you disable Network

Bridge on a computer, users cannot create or configure a network bridge. By default, this setting

is not configured.




2. In the navigation pane, open the following folders: Local Computer Policy, Computer Configuration, Administrative Templates, Network, and Network Connections.

This setting is location-aware. It only applies when a computer is connected to the same

Domain Name System (DNS) domain network it was connected to when the setting was

refreshed on that computer. If a computer is connected to a DNS domain network other

than the one it was connected to when the setting was refreshed, this setting does not

apply

3. In the details pane, double-click Prohibit installation and configuration of Network Bridge on your DNS domain network.


To enable the Group Policy setting, and disable the Network Bridge setting, click Enabled.

To disable the Group Policy setting, and enable the Network Bridge setting, click Disabled.


Additional considerations If you move the computer to a different DNS domain after applying or refreshing the Group

Policy setting, the change will not take effect until the Group Policy setting is refreshed again.

To enable or disable Network Bridge

Enabling this setting to prohibit installation and configuration of a network bridge on your DNS domain network, will neither disable nor remove an existing network bridge from the user's computer.

If you edit policy settings locally on a computer, you will affect the settings on only that one computer. If you configure the settings in a Group Policy object (GPO) hosted in an Active Directory domain, then the settings apply to all computers that are subject to that GPO. For more information about Group Policy in an Active Directory domain, see Group Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

Use the Network Configuration Operators group

You can use this procedure to delegate the ability to manage most aspects of a computer's

network connectivity.

Many configuration restrictions that used to be applied by using Group Policy in earlier versions of

Windows are now restricted. To create a connection that is shared by multiple users, or to make

any configuration change that impacts a connection used by multiple users requires membership

in either the Administrators or Network Configuration Operators group. A standard user can create

new network connections, but can only save those connections for his or her own use. If you want

to allow someone to perform the configuration tasks documented in this guide but not make them

an Administrator, then you can make the user a member of the Network Configuration Operators

group.



1. Start Computer Management by clicking Start, right-clicking Computer, and then clicking Manage.

2. In the navigation pane, navigate to Computer Management (Local)/Local Users and Groups/Groups.

3. In the details pane, double-click the Network Configuration Operators group.

4. Click the Add button, and then select the users or groups to whom you want to delegate permissions.

Additional considerations Not all tasks in this guide can be performed by a member of the Network Configuration

Operators group. Check each procedure for information about what group membership is required. If a procedure only indicates that Administrators can perform the task, then a

To delegate network configuration permissions to a user


member of the Network Configuration Operator group receives an error when trying to perform that task.

If a member of the Network Configuration Operators group attempts to perform an action that cannot be performed by a standard user, then the User Account Control dialog box appears. This dialog box presents user accounts that can perform the operation. Clicking a user name on the list and entering its password allows the operation to proceed by using those credentials. If the user's current account that is a member of the Network Configuration Operators group is not displayed, then that group cannot perform that operation.

Configure the Network Map

When you have administrative privileges, you can enable or disable the Network Map feature in

Windows. Network Map uses two components:

The mapper input/output (I/O) component queries the network for devices to include in the map.

The responder component runs on computers on the network, and allows them to respond to the queries from the Mapper I/O.

You can use Group Policy settings to enable or disable Network Map components for any of the

network types: home, private, public, and domain. By default, the components run on home or

private networks, but do not run on domain or public networks.

You can install a responder component on computers that are running Windows XP so

that they will appear in Network Map. The Group Policy setting for the responder

component on Windows XP controls whether the responder can run in a domain

environment. Windows XP does not recognize public and private networks in the same

way as subsequent operating systems.


Enable or disable the LLTD Mapper I/O with Group Policy

Enable or disable the LLTD Responder with Group Policy

Install the LLTD Responder on a computer running Windows XP

Enable or disable the LLTD Mapper I/O with Group Policy

You can use this procedure to enable or disable the Link Layer Topology Discovery (LLTD)

Mapper input/output (I/O) component, and to specify the network location types in which it is

allowed to run.

Note

The LLTD Mapper I/O is a network component that discovers and communicates with the LLTD

Responder component running on other computers on your network. The information discovered

by the Mapper I/O allows the Network Map feature to create a graphic diagram that depicts the

devices and connections on your local subnet.

By default, the Mapper I/O component only runs on networks that have a location type of home or

private, and does not run on networks that have a location type of public or domain. By using

Group Policy you can disable the Mapper I/O component, or change the location types in which it

is allowed to run.



1. Open Group Policy Management Editor. To do so, click Start, and then in the Start Search box, type mmc gpedit.msc.

2. In the navigation pane, open the following folders: Local Computer Policy, Computer Configuration, Administrative Templates, Network, and Link-Layer Topology Discovery.

3. In the details pane, double-click Turn on Mapper I/O (LLTDIO) driver.

4. To disable the Mapper I/O component, click Disabled, and then click OK.

5. To enable the Mapper I/O component, click Enabled, and then select one or more of the following:

Allow operation while in domain

Allow operation while in public network

Prohibit operation while in private network




You must also enable the LLTD Responder component on any computers that you want to appear on your Network Map.

You must refresh Group Policy on the computers where you want the new settings to be applied in order for them to take effect. To refresh Group Policy, restart the computer or type the following command at a command prompt, and then press ENTER: gpupdate /force

To enable or disable the LLTD Mapper I/O by using Group Policy


Enable or disable the LLTD Responder with Group Policy

You can use this procedure to enable or disable the Link Layer Topology Discovery (LLTD)

Responder component, and to specify the network location types in which it is allowed to run.

The LLTD Responder component is a network component that allows the computer to be

discovered by another computer that is running the Network Map feature.

By default, the responder only runs on a network that has a network location type of home or

private, but does not run on networks that have a network location type of public or domain. By

using Group Policy, you can disable the responder altogether, or change the location types in

which it is allowed to run.




2. In the navigation pane, open the following folders: Local Computer Policy, Computer Configuration, Administrative Templates, Network, and Link-Layer Topology Discovery.

3. In the details pane, double-click Turn on Responder (RSPNDR) driver.

4. To disable the responder component completely, click Disabled, and then click OK.

5. To enable the responder component, click Enabled, and then select one or more of the following:

Allow operation while in domain

Allow operation while in public network

Prohibit operation while in private network


Additional considerations A version of the LLTP Responder component for Windows XP can be downloaded from the

following locations:

For Windows XP with Service Pack 1 (SP1) or SP2: http://go.microsoft.com/fwlink/?LinkId=70582

For Windows XP with SP3: http://go.microsoft.com/fwlink/?LinkId=156601

The LLTD Responder component is included in Windows 7, Windows

Server 2008 R2, Windows Vista, and Windows Server 2008.

If you edit policy settings locally on a computer, you will affect the settings on only that one computer. If you configure the settings in a Group Policy object (GPO) hosted in an

To enable or disable the LLTD Responder by using Group PolicyNote




Active Directory domain, then the settings apply to all computers that are subject to that GPO. For more information about Group Policy in an Active Directory domain, see Group Policy (http://go.microsoft.com/fwlink/?LinkId=55625).

A separate component, the LLTD Mapper I/O, runs on the computer that is generating the map and communicates with the computers running the Responder component.

You must refresh Group Policy on the computers where you want the new settings to be applied in order for them to take effect. To refresh Group Policy, restart the computer or type the following command at a command prompt, and then press ENTER: gpupdate /force

Install the LLTD Responder on a computer running Windows XP

For more information about the procedure to install the LLTD Responder component on a

computer running Windows XP, see Network Map Does Not Display Computers Running

Windows XP (http://go.microsoft.com/fwlink/?LinkID=66832).



Additional Resources

For more information about troubleshooting Network Connections problems, see the following

resources:

Network and Sharing Center (http://go.microsoft.com/fwlink/?linkid=58934)

For general information about how the Network and Sharing Center works, see the following

resources:

Network and Sharing Center Technical Reference (http://go.microsoft.com/fwlink/?LinkId=71748)








Additional referencesFor more information about wireless networking and other technologies that are mentioned in this

guide, see the following information:

For more information about Connection Manager Administration Kit (CMAK), see Connection Manager Administration Kit at http://go.microsoft.com/fwlink/?linkid=55986.

For information about using Group Policy with Windows Vista®, see Active Directory Schema Extensions for Windows Vista Wireless and Wired Group Policy Enhancements at http://go.microsoft.com/fwlink/?LinkId=89080.

For more information about TCP/IP v4, see IP version 4 (IPv4) at http://go.microsoft.com/fwlink/?LinkId=193992.

For more information about IPv6, see IP Version 6 (IPv6) at http://go.microsoft.com/fwlink/?LinkId=187529 and IP Version 6 Support at http://go.microsoft.com/fwlink/?LinkId=89069.

For information about protected IEEE 802.11 wireless access, see Deployment of Protected 802.11 Networks Using Microsoft Windows at http://go.microsoft.com/fwlink/?LinkId=28116.

For information about IEEE 802.1X authentication, see IEEE 802.1X Authentication for Wireless and Wired Connections at http://go.microsoft.com/fwlink/?LinkID=73159.

Wireless Networking in Windows Vista at http://go.microsoft.com/fwlink/?LinkId=89054

Windows Vista Wireless Networking Evaluation Guide at http://go.microsoft.com/fwlink/?LinkId=89052

Connecting to Wireless Networks with Windows Vista at http://go.microsoft.com/fwlink/?LinkId=89053















Documents

Network and Sharing Center Operations Guide