
PowerShell Power-Pack: 10 Must-Use Commands for Lightning-Fast Network Troubleshooting

Anil K · 4 min read

Hey there, tech whizzes!

PowerShell is a powerhouse for any Windows administrator. Plus, it's great for keeping an eye on Windows network settings and services. Windows PowerShell has truly changed the game for the Windows command line — whether you're managing configurations, installing software, or scripting.

If you're already comfortable with PowerShell, you know it's a powerful ally for troubleshooting network hiccups. Below is a friendly rundown of the top 10 commands you'll want in your toolbox for debugging network-related issues. Each entry comes with a short description, the most useful parameters, and a real-world example that you can copy and paste right into your console.

Pro tip: Run these commands in an elevated PowerShell session (Run as Administrator) whenever you're dealing with firewall rules or packet captures.


1. Test-Connection

What it does: A modern, flexible ping — returns objects you can pipe and filter.

Key parameters: -ComputerName, -Count, -Delay, -Quiet (just a Boolean)

Example:

Test-Connection -ComputerName google.com -Count 4

Why use it? Quick "is the host alive?" check, plus you can pipe results to Where-Object for advanced filtering.

2. Test-NetConnection

What it does: Tests connectivity and specific ports (TCP/UDP).

Key parameters: -ComputerName, -Port, -InformationLevel (Detailed, Quiet)

Example:

Test-NetConnection -ComputerName example.com -Port 443

Why use it? Perfect for "is HTTPS open?" or checking that a custom service port is reachable.

3. Get-NetTCPConnection

What it does: Lists all active TCP connections and their states — effectively a PowerShell-native replacement for netstat.

Key parameters: -State (Established, Listen, etc.)

Example:

Get-NetTCPConnection -State Established | Select-Object LocalAddress,LocalPort,RemoteAddress,RemotePort,State

Why use it? Spot hanging or suspicious connections before they become a problem.
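
To act on the "suspicious connections" point, it helps to know which program owns each connection. The following is an added example, not part of the original article: Get-ConnectionOwner is a hypothetical helper name, and Path can come back empty for protected processes unless the session is elevated.

```powershell
# Attribute each TCP connection to the process that owns it.
function Get-ConnectionOwner {
    param(
        [string[]]$State = @('Established')
    )

    # Cache process lookups so each PID is resolved only once.
    $procCache = @{}

    Get-NetTCPConnection -State $State -ErrorAction SilentlyContinue |
        Where-Object { $_.RemoteAddress -notin @('127.0.0.1', '::1', '0.0.0.0', '::') } |
        ForEach-Object {
            $procId = $_.OwningProcess
            if (-not $procCache.ContainsKey($procId)) {
                # A process can exit between the two calls; record that instead of failing.
                $procCache[$procId] = Get-Process -Id $procId -ErrorAction SilentlyContinue
            }
            $proc = $procCache[$procId]

            [pscustomobject]@{
                LocalPort     = $_.LocalPort
                RemoteAddress = $_.RemoteAddress
                RemotePort    = $_.RemotePort
                State         = $_.State
                PID           = $procId
                ProcessName   = if ($proc) { $proc.ProcessName } else { '<exited>' }
                Path          = if ($proc) { $proc.Path } else { $null }
            }
        }
}

# Group by process and remote address to see which programs talk to which hosts.
Get-ConnectionOwner |
    Group-Object ProcessName, RemoteAddress |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize
```

A process name you do not recognise, or a binary running from a user-writable folder, is the row to look at first.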

4. Get-NetUDPEndpoint

What it does: Shows all active UDP endpoints (no state, but great for DNS/streaming checks).

Example:

Get-NetUDPEndpoint | Format-Table -AutoSize

Why use it? UDP is stateless, so this gives you a quick snapshot of what's listening.

5. Get-NetAdapter

What it does: Displays adapter details (status, speed, MAC).

Example:

Get-NetAdapter | Format-Table Name, Status, LinkSpeed, MacAddress

Why use it? If your Wi-Fi feels sluggish or a NIC is down, this command tells you right away.

6. Get-NetIPAddress

What it does: Lists IP addresses assigned to each interface.

Example:

Get-NetIPAddress -AddressFamily IPv4 | Format-Table IPAddress,InterfaceAlias,PrefixLength

Why use it? Handy when you forget your IP or suspect a DHCP issue.

7. Get-NetRoute

What it does: Shows the routing table.

Example:

Get-NetRoute | Sort-Object DestinationPrefix | Format-Table DestinationPrefix,NextHop,InterfaceAlias

Why use it? If traffic isn't going where you expect, this is the map you need.

8. Get-NetFirewallRule

What it does: Lists firewall rules that could be blocking traffic.

Example:

Get-NetFirewallRule -Enabled True | Format-Table Name,Direction,Profile,Action,DisplayName

Why use it? When an app suddenly stops working or a port is unreachable, check the firewall first.
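
The listing above shows rule names but not ports. The following added example (not part of the original article) joins each enabled inbound rule with its port filter to find the rules that cover one port; Find-FirewallRuleForPort and Test-PortMatch are hypothetical helper names, and 443 is a sample value.

```powershell
function Find-FirewallRuleForPort {
    param(
        [Parameter(Mandatory)][int]$Port,
        [ValidateSet('TCP', 'UDP')][string]$Protocol = 'TCP'
    )

    # True when a LocalPort entry ("Any", "443", "5000-5010") covers the wanted port.
    function Test-PortMatch([string]$Entry, [int]$Wanted) {
        if ($Entry -eq 'Any') { return $true }
        if ($Entry -match '^(\d+)-(\d+)$') {
            return ($Wanted -ge [int]$Matches[1] -and $Wanted -le [int]$Matches[2])
        }
        if ($Entry -match '^\d+$') { return ([int]$Entry -eq $Wanted) }
        return $false   # keyword entries such as RPC are not numeric ports
    }

    # One port-filter lookup per rule: slow on large rule sets, but simple to follow.
    Get-NetFirewallRule -Enabled True -Direction Inbound | ForEach-Object {
        $rule   = $_
        $filter = $rule | Get-NetFirewallPortFilter
        if ($filter.Protocol -notin @($Protocol, 'Any')) { return }

        $hit = @($filter.LocalPort) | Where-Object { Test-PortMatch $_ $Port }
        if ($hit) {
            [pscustomobject]@{
                DisplayName = $rule.DisplayName
                Action      = $rule.Action
                Profile     = $rule.Profile
                Protocol    = $filter.Protocol
                LocalPort   = $filter.LocalPort -join ','
            }
        }
    }
}

# Block rules take precedence over allow rules, so list them first.
Find-FirewallRuleForPort -Port 443 |
    Sort-Object Action -Descending |
    Format-Table -AutoSize
```

If nothing is returned, no enabled inbound rule names that port, and the profile's default inbound action (Block, unless it has been changed) decides.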

9. Get-NetAdapterStatistics

What it does: Shows packet statistics per adapter (sent, received, errors).

Example:

Get-NetAdapterStatistics | Format-Table Name,ReceivedBytes,SentBytes,ReceivedUnicastPackets,SentUnicastPackets,ReceivedPacketErrors,OutboundPacketErrors

Why use it? If you suspect packet loss or a NIC is misbehaving, the numbers tell the story.

10. New-NetEventSession + Add-NetEventPacketCaptureProvider

What it does: Captures live network packets for deep inspection (requires Windows 10 / Server 2016+).

Key parameters: -Name, -LocalFilePath (New-NetEventSession); -SessionName (Add-NetEventPacketCaptureProvider)

Example:

# Create a session that writes to an .etl file (C:\Temp must already exist)
New-NetEventSession -Name "MyCapture" -LocalFilePath "C:\Temp\capture.etl"

# Add the packet capture provider (filters optional)
Add-NetEventPacketCaptureProvider -SessionName "MyCapture"

# Start capturing
Start-NetEventSession -Name "MyCapture"

# Stop when done (after a few seconds or based on a trigger)
Stop-NetEventSession -Name "MyCapture"

# Remove the session; the capture stays in C:\Temp\capture.etl for Wireshark
Remove-NetEventSession -Name "MyCapture"

Why use it? When you need a full packet dump (e.g., to debug TLS handshakes or DNS anomalies). The resulting .etl file can be opened in Wireshark after conversion with the etl2pcapng converter, which gives you a familiar UI.
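
A capture records whatever crossed the wire, so it pays to bound it. This added example (not part of the original article) limits a capture to given addresses, a duration, a file size and a per-packet length, and always removes the session afterwards. Invoke-BoundedCapture, the session name and the address 192.0.2.10 are assumptions made for illustration.

```powershell
function Invoke-BoundedCapture {
    param(
        [Parameter(Mandatory)][string[]]$IpAddress,   # only traffic to/from these hosts
        [string]$Path        = 'C:\Temp\capture.etl', # folder must already exist
        [int]$Seconds        = 30,
        [int]$MaxFileSizeMB  = 100,
        [int]$TruncateBytes  = 256,                   # bytes kept per packet
        [string]$SessionName = 'BoundedCapture'       # hypothetical session name
    )

    New-NetEventSession -Name $SessionName -LocalFilePath $Path `
        -MaxFileSize $MaxFileSizeMB | Out-Null
    try {
        Add-NetEventPacketCaptureProvider -SessionName $SessionName `
            -IpAddresses $IpAddress -TruncationLength $TruncateBytes | Out-Null
        Start-NetEventSession -Name $SessionName
        Start-Sleep -Seconds $Seconds
    }
    finally {
        # Runs on errors and Ctrl+C too, so no session is left capturing in the background.
        Stop-NetEventSession   -Name $SessionName -ErrorAction SilentlyContinue
        Remove-NetEventSession -Name $SessionName -ErrorAction SilentlyContinue
    }

    # Return the capture file so the caller can check its size or move it.
    Get-Item -Path $Path
}

# 192.0.2.10 is a documentation address used here as a constructed sample value.
Invoke-BoundedCapture -IpAddress '192.0.2.10' -Seconds 15
```

Raise -TruncateBytes when you need full payloads, and treat the resulting file as sensitive data.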


Keep these ten in your back pocket and most Windows network issues stop being mysteries. For the full NetTCPIP and NetAdapter module reference, see the PowerShell docs.
