Netsh is a Windows command-line tool that can help with the network configuration of a particular Windows system. Here are just some of the networking-related tasks we can use Netsh for:
- Finding routes
- Viewing the firewall configuration
- Adding proxies
- Creating port forwarding rules
Prerequisites
- Administrator privileges on the Windows host.
- netsh available (built-in on Windows).
Create Port Forward
netsh interface portproxy add v4tov4 listenport=2222 listenaddress=192.168.50.64 connectport=22 connectaddress=10.4.50.215
- Listens on 192.168.50.64:2222.
- Forwards to 10.4.50.215:22.
View Established Port Forwards
netsh interface portproxy show all
Allow Port Forward Through Windows Firewall
netsh advfirewall firewall add rule name="port_forward_ssh_2222" protocol=TCP dir=in localip=192.168.50.64 localport=2222 action=allow
Delete Port Forward
netsh interface portproxy del v4tov4 listenport=2222 listenaddress=192.168.50.64
Additional Examples
Create a forward on 8080:
netsh.exe interface portproxy add v4tov4 listenport=8080 listenaddress=10.129.42.198 connectport=3389 connectaddress=172.16.5.25
Show specific v4tov4 configuration:
netsh.exe interface portproxy show v4tov4
Example:
netsh interface portproxy show all
netsh interface portproxy add v4tov4 listenport=5555 listenaddress=0.0.0.0 connectport=3389 connectaddress=172.16.5.19
netsh advfirewall firewall add rule name="RDP Pivot" dir=in action=allow protocol=TCP localport=5555
netsh interface portproxy show all
xfreerdp /v:10.129.42.198:5555 /u:user /p:pass
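For reviewing which forwards exist on a host, the following PowerShell is an added example, not part of the original page. It parses the output of netsh interface portproxy show all into objects and flags listeners bound to every interface (like the 0.0.0.0 rule above) and forwards that end on SSH or RDP. The function name ConvertFrom-PortProxyOutput and the AllInterfaces and RemoteAdmin properties are hypothetical, and the sample output is constructed.

```powershell
function ConvertFrom-PortProxyOutput {
    param([string[]]$Lines)
    $family = $null
    foreach ($line in $Lines) {
        # Section header, e.g. "Listen on ipv4:             Connect to ipv4:"
        if ($line -match '^Listen on (ipv[46]):\s+Connect to (ipv[46]):') {
            $family = 'v{0}tov{1}' -f $Matches[1].Substring(3), $Matches[2].Substring(3)
            continue
        }
        # Data row: listen address, listen port, connect address, connect port
        if ($line -match '^\s*(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s*$') {
            [pscustomobject]@{
                Type           = $family
                ListenAddress  = $Matches[1]
                ListenPort     = [int]$Matches[2]
                ConnectAddress = $Matches[3]
                ConnectPort    = [int]$Matches[4]
                # Wildcard listeners accept connections on every interface
                AllInterfaces  = $Matches[1] -in '0.0.0.0', '*', '::'
                # Forwards that terminate on SSH or RDP deserve a closer look
                RemoteAdmin    = [int]$Matches[4] -in 22, 3389
            }
        }
    }
}

# Constructed sample in the format printed by "netsh interface portproxy show all"
$sample = @'
Listen on ipv4:             Connect to ipv4:

Address         Port        Address         Port
--------------- ----------  --------------- ----------
192.168.50.64   2222        10.4.50.215     22
0.0.0.0         5555        172.16.5.19     3389
'@ -split '\r?\n'

$rules = ConvertFrom-PortProxyOutput -Lines $sample
# On a live host, parse the real output instead:
# $rules = ConvertFrom-PortProxyOutput -Lines (netsh interface portproxy show all)

# Show only the rules that were flagged for review
$rules | Where-Object { $_.AllInterfaces -or $_.RemoteAdmin } | Format-Table -AutoSize
```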