How to Generate a Network Configuration Report in Batch Script

When troubleshooting internet connectivity or auditing a remote workstation, the first thing you need is a complete picture of the network configuration. Manually running ipconfig, route print, and netstat one by one is tedious and produces fragmented output. A Batch script can gather IP addresses, DNS servers, gateway details, active connections, and connectivity test results into a single structured report. This document can be emailed to a helpdesk, saved as a baseline, or collected from multiple machines for fleet auditing.

This guide will explain how to aggregate network data into a professional configuration report.

Method 1: Comprehensive Network Audit Report

This script collects all vital network information, runs connectivity tests, and saves everything to a single timestamped file.

Implementation

@echo off
setlocal

:: Generate locale-independent timestamp for filename
for /f "delims=" %%t in (
    'powershell -NoProfile -Command "Get-Date -Format ''yyyyMMdd_HHmmss''"'
) do set "Stamp=%%t"

set "ReportFile=%~dp0NetworkReport_%COMPUTERNAME%_%Stamp%.txt"

echo [INFO] Generating network configuration report...

:: =============================================
:: Report Header
:: =============================================
(
    echo ==================================================
    echo        NETWORK CONFIGURATION AUDIT REPORT
    echo ==================================================
) > "%ReportFile%"

for /f "delims=" %%t in (
    'powershell -NoProfile -Command "Get-Date -Format ''yyyy-MM-dd HH:mm:ss''"'
) do echo Generated:      %%t >> "%ReportFile%"

echo Computer:       %COMPUTERNAME% >> "%ReportFile%"
echo Username:       %USERNAME% >> "%ReportFile%"
echo. >> "%ReportFile%"

:: =============================================
:: Section 1: IP Addresses and Adapters
:: =============================================
echo [1/5] Collecting adapter configuration...
echo --- [1] IP ADDRESSES AND ADAPTERS --- >> "%ReportFile%"
echo. >> "%ReportFile%"
ipconfig /all >> "%ReportFile%"
echo. >> "%ReportFile%"

:: =============================================
:: Section 2: Routing Table
:: =============================================
echo [2/5] Collecting routing table...
echo --- [2] IPv4 ROUTING TABLE --- >> "%ReportFile%"
echo. >> "%ReportFile%"
route print -4 >> "%ReportFile%"
echo. >> "%ReportFile%"

:: =============================================
:: Section 3: DNS Configuration
:: =============================================
echo [3/5] Collecting DNS information...
echo --- [3] DNS RESOLVER CACHE - Recent Lookups --- >> "%ReportFile%"
echo. >> "%ReportFile%"
ipconfig /displaydns 2>nul | findstr /i "Record Name" >> "%ReportFile%"
echo. >> "%ReportFile%"

:: =============================================
:: Section 4: Active Connections
:: =============================================
echo [4/5] Collecting active connections...
echo --- [4] ACTIVE NETWORK CONNECTIONS --- >> "%ReportFile%"
echo. >> "%ReportFile%"

:: Use -n for numeric output (fast), -o for process IDs
netstat -ano >> "%ReportFile%"
echo. >> "%ReportFile%"

:: If running as admin, also show process names
net session >nul 2>&1
if not errorlevel 1 (
    echo --- [4b] CONNECTIONS WITH PROCESS NAMES - Admin --- >> "%ReportFile%"
    echo. >> "%ReportFile%"
    netstat -bno 2>nul >> "%ReportFile%"
    echo. >> "%ReportFile%"
)

:: =============================================
:: Section 5: Connectivity Tests
:: =============================================
echo [5/5] Running connectivity tests...
echo --- [5] CONNECTIVITY TEST RESULTS --- >> "%ReportFile%"
echo. >> "%ReportFile%"

:: Test 1: Default gateway
echo Testing default gateway... >> "%ReportFile%"
for /f "tokens=3" %%g in ('route print -4 0.0.0.0 ^| findstr "0.0.0.0"') do (
    set "Gateway=%%g"
    ping -n 2 -w 2000 %%g >nul 2>&1
    if not errorlevel 1 (
        echo   Gateway %%g: REACHABLE >> "%ReportFile%"
    ) else (
        echo   Gateway %%g: UNREACHABLE >> "%ReportFile%"
    )
    goto :GatewayDone
)
:GatewayDone

:: Test 2: External connectivity (by IP)
echo Testing external connectivity... >> "%ReportFile%"
ping -n 2 -w 2000 8.8.8.8 >nul 2>&1
if not errorlevel 1 (
    echo   Internet [8.8.8.8]: REACHABLE >> "%ReportFile%"
) else (
    echo   Internet [8.8.8.8]: UNREACHABLE >> "%ReportFile%"
)

:: Test 3: DNS resolution
echo Testing DNS resolution... >> "%ReportFile%"
nslookup www.google.com >nul 2>&1
if not errorlevel 1 (
    echo   DNS resolution: WORKING >> "%ReportFile%"
) else (
    echo   DNS resolution: FAILED >> "%ReportFile%"
)

echo. >> "%ReportFile%"
echo ================================================== >> "%ReportFile%"

echo.
echo [OK] Report saved to: %ReportFile%

endlocal
exit /b 0

What the connectivity tests reveal:

Test Result	Diagnosis
Gateway reachable, Internet reachable, DNS working	Network is fully functional
Gateway reachable, Internet unreachable	Gateway/router cannot reach the internet (ISP issue, firewall)
Gateway reachable, Internet reachable, DNS failing	DNS server misconfiguration
Gateway unreachable	Local network issue (cable, Wi-Fi, IP misconfiguration)

Method 2: Structured Summary via PowerShell

For a cleaner, more structured summary, especially useful for scripted processing or CSV export, PowerShell can extract specific fields from WMI network configuration objects.

@echo off
setlocal

echo [INFO] Network adapter summary:
echo.

powershell -NoProfile -Command ^
    "Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=True' |" ^
    "ForEach-Object {" ^
    "    [PSCustomObject]@{" ^
    "        Adapter = $_.Description;" ^
    "        'IP Address' = ($_.IPAddress -join ', ');" ^
    "        'Subnet' = ($_.IPSubnet -join ', ');" ^
    "        'Gateway' = if ($_.DefaultIPGateway) { $_.DefaultIPGateway -join ', ' } else { 'None' };" ^
    "        'DNS Servers' = if ($_.DNSServerSearchOrder) { $_.DNSServerSearchOrder -join ', ' } else { 'None' };" ^
    "        'MAC Address' = $_.MACAddress;" ^
    "        'DHCP Enabled' = $_.DHCPEnabled" ^
    "    }" ^
    "} | Format-List"

endlocal
exit /b 0

Why Get-CimInstance instead of wmic:

• wmic is deprecated since Windows 10 21H1.
• wmic output for IPAddress is formatted as {"192.168.1.50","fe80::..."}, a raw WMI array string that is difficult to read and parse.
• Get-CimInstance returns proper PowerShell arrays that can be joined with ', ' for clean display.

Method 3: Fleet-Wide Network CSV Export

For auditing network configurations across multiple machines, export key settings to a shared CSV.

@echo off
setlocal

set "CSVFile=\\Server\Audit\network_inventory.csv"

if not exist "%CSVFile%" (
    echo "Timestamp","Computer","Adapter","IPAddress","Gateway","DNS","MAC","DHCP" > "%CSVFile%" 2>nul
)

:: Use a single, completely enclosed execution block via usebackq backticks.
:: This strictly locks the CMD quote state, avoiding the `| was unexpected` pipeline crash.
for /f "usebackq tokens=1-7 delims=|" %%a in (`powershell -NoProfile -Command "$adapters = Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=True'; $ts = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'; foreach ($a in $adapters) { $ip = ($a.IPAddress | Where-Object { $_ -notmatch ':' } | Select-Object -First 1); $gw = if ($a.DefaultIPGateway) { $a.DefaultIPGateway[0] } else { 'None' }; $dns = if ($a.DNSServerSearchOrder) { $a.DNSServerSearchOrder -join ', ' } else { 'None' }; Write-Output ($ts + '|' + $a.Description + '|' + $ip + '|' + $gw + '|' + $dns + '|' + $a.MACAddress + '|' + $a.DHCPEnabled) }"`) do (
    echo "%%a","%COMPUTERNAME%","%%b","%%c","%%d","%%e","%%f","%%g" >> "%CSVFile%" 2>nul
)

echo [OK] Network data exported for %COMPUTERNAME%.

endlocal
exit /b 0

Deployment:

Run on each machine via Group Policy logon script, SCCM, or a scheduled task. The CSV accumulates one row per active network adapter per machine, enabling fleet-wide analysis: finding machines with incorrect DNS, identifying DHCP vs. static configurations, and detecting duplicate IP addresses.

How to Avoid Common Errors

Wrong Way: Hardcoding Adapter Names

:: BROKEN: fails on Wi-Fi-only laptops, machines with different NIC brands
ipconfig | findstr "Ethernet adapter"

Adapter names vary by hardware, connection type (Ethernet, Wi-Fi, Cellular), and Windows locale.

Correct Way: Use ipconfig /all (which shows all adapters) or Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=True' (which returns only active adapters regardless of name).

Problem: netstat -a Takes Minutes

netstat without the -n flag attempts DNS reverse lookups on every IP address in the connection table. On a machine with hundreds of connections, this can take 5–10 minutes.

Solution: Always use -n for numeric output: netstat -ano (shows PIDs) or netstat -bno (shows process names, requires admin). Both finish in seconds.

Problem: netstat -b Requires Admin

The -b flag (show executable names for each connection) requires elevation. Without admin rights, netstat -b fails with "The requested operation requires elevation."

Solution: Method 1 checks for admin rights and includes netstat -bno only when elevated, falling back to netstat -ano for standard users.

Problem: DNS Cache Contains Stale Data

The DNS resolver cache (ipconfig /displaydns) may contain entries from hours ago that no longer reflect the current state.

Solution: If you need fresh DNS data for troubleshooting, run ipconfig /flushdns before generating the report. Note that flushing DNS is a modification, only do this if you intend to troubleshoot, not for routine auditing.

Problem: Report Contains Sensitive Information

Network reports include internal IP addresses, routing tables, DNS server addresses, MAC addresses, and potentially active connection endpoints. This information is useful for attackers performing network reconnaissance.

Solution: Treat network reports as confidential. Do not share them on public forums, unencrypted email, or unsecured file shares. Redact internal IPs if the report must leave your organization.

Best Practices and Rules

1. Always Include Connectivity Tests

A configuration report without connectivity tests is only half the picture. Knowing the settings are correct is useful; knowing they actually work is essential. The gateway/internet/DNS test pattern (Method 1, Section 5) provides a quick functional verification.

2. Use Numeric Output for netstat

Always use netstat -n or netstat -an for fast results. DNS resolution on every connection adds minutes of delay with no diagnostic benefit, you can look up IPs manually if needed.

3. Save to the Script Directory, Not the Working Directory

Use %~dp0 instead of %CD% for the report path. If a user runs the script from a shortcut with a different "Start In" directory, %CD% writes the report to an unexpected location.

4. Include Timestamp in the Filename

Using a static filename like NetworkReport.txt overwrites previous reports. Include the computer name and timestamp so each report is preserved: NetworkReport_PC01_20240510_143205.txt.

5. Collect Fleet Data to a Shared CSV

For multi-machine environments, use Method 3 to export structured data to a shared location. A single CSV with one row per adapter per machine enables fleet-wide analysis that individual text reports cannot provide.

Conclusions

Generating a network configuration report centralizes the output of ipconfig, netstat, route, and connectivity tests into a single organized document. By including both configuration data and functional verification, you provide a complete diagnostic snapshot that replaces chaotic manual troubleshooting with structured evidence. This professional approach saves time, enables remote support, and provides a baseline for tracking network changes over time.