Connection Sharing Registry Settings
The following table shows the named values for the HKEY_LOCAL_MACHINE\Comm\ConnectionSharing registry key that you can use to configure ICS.
Note The default registry values vary depending on which features are included in your platform. For more information, see Default Registry Settings.
| Value : type | Description |
|---|---|
| DHCPLeaseTime : REG_DWORD | Default setting is 0xA. The valid range for this value is 0x1 to 0xFFFFFFFF.
Specifies the lease time in minutes offered by the DHCP allocator. |
| EnableAddressTranslation : REG_DWORD | Default setting is zero (0), or FALSE.
Specifies whether NAT is enabled. The valid range for this value is 0 to 0xFFFFFFFF. A non-zero value enables NAT on the public interface specified in the PublicInterface subkey. A value of 0 specifies that NAT is not enabled. To use NAT, the HKEY_LOCAL_MACHINE\Comm\Tcpip\Parms\IpEnableRouter registry value must also be non-zero. |
| EnableDhcpAllocator : REG_DWORD | Default setting is zero (0), or FALSE.
Specifies whether the DHCP allocator is enabled. The valid range for this value is 0 to 0xFFFFFFFF. A non-zero value enables the DHCP allocator on the private interface specified in the PrivateInterface subkey. A value of 0 specifies that the DHCP allocator is not enabled. |
| EnableDnsProxy : REG_DWORD | Default setting is zero (0), or FALSE.
Specifies whether DNS proxy is enabled. A non-zero value enables DNS proxy on the private interface specified in the PrivateInterface subkey. A value of 0 specifies that DNS proxy is not enabled. To use DNS proxy, the EnableDhcpAllocator registry value must also be non-zero. |
| EnablePacketFiltering : REG_DWORD | Specifies whether the packet filter is enabled. The valid range for this value is 0 to 0xFFFFFFFF. A non-zero value enables the packet filter. A value of 0 specifies that the packet filter is not enabled.
Security Note This subkey enables filtering in the NAT driver to help block unsolicited connections over the public network interface. Connections originating on the local network and connections mapped through the Network Address Translator are unaffected by this subkey. IPv6 routing does not apply a packet filter in a gateway device. Instead, all traffic is routed directly to the destination device. To avoid exposing internal devices directly on the external public network, you must configure the IP firewall on the gateway. For information about configuring the IP firewall to properly manage traffic destined for the internal network, see IP Firewall Reference. |
| InternalExposedHost : REG_SZ | Specifies the IP address of the device on the network that you want to expose to the Internet.
Security Note Setting this value routes unknown traffic to the device. This value can be any valid IP address. This allows you to configure a gateway device to transfer unsolicited traffic to a certain IP address on the other side of the network. |
| PrivateInterface : REG_MULTI_SZ | Specifies a list of names of the NDIS adapter instances for the private interfaces, for example, Ne20002. This value can be a list of names either of valid NDIS adapters or of valid dial-up networking connectoids.
If the list contains multiple private interfaces, those interfaces must all have the same subnet value in their IP addresses. For example, if PrivateInterface equals "Ne20001";"Ne20002" and the Ne20001 interface has an IP address of 169.254.0.1, the Ne20002 interface can have an IP address of 169.254.0.2, but not 192.168.0.1. |
| PublicInterface : REG_SZ | Specifies the name of the NDIS adapter instance for the public network interface, for example, NE20001. For dial up connections, use the name of the RAS connection. This value can be the name of either a valid NDIS adapter or a valid dial-up networking connectoid. |
See Also
Internet Connection Sharing Registry Settings
Last updated on Thursday, April 08, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.