When a Windows PC says it is connected but pages will not load, Command Prompt is usually the fastest place to start. The right command line tools can tell you whether the problem is your device, your router, DNS, or something farther upstream, which makes network troubleshooting much more efficient than guessing.
CompTIA A+ Certification 220-1201 & 220-1202 Training
Master essential IT skills and prepare for entry-level roles with our comprehensive training designed for aspiring IT support specialists and technology professionals.
Get this course on Udemy at the lowest price →This guide focuses on Windows support tasks you can actually use at home or in the office. You will learn how to check IP settings, test reachability, verify name resolution, trace routes, and reset the network stack when needed. These are core IT skills development building blocks and align closely with the troubleshooting habits taught in CompTIA A+ Certification 220-1201 & 220-1202 Training.
The goal is not to turn Command Prompt into a full monitoring platform. It is to show how a few simple commands help you narrow a problem fast, read the output correctly, and decide what to do next.
Understanding Network Diagnostics in Command Prompt
Good network diagnostics start with a simple question: where is the failure happening? A Windows laptop can fail because its own IP settings are wrong, the local router is down, the ISP is having an outage, or the remote server is unavailable. Command Prompt helps separate those cases instead of treating every symptom the same way.
For example, if your PC cannot reach the default gateway, the problem is usually local. If the gateway responds but public sites do not, the issue may be DNS, firewall policy, or internet access beyond the local network. If most sites work but one remote service does not, the fault may be on that site’s side.
Network troubleshooting gets faster when you test from the inside out: device, gateway, DNS, internet, then the remote host. That order removes guesswork.
This is why command-line diagnostics are most useful when used together. A single failed ping does not prove much on its own, and a successful ping does not guarantee every application will work. Read the output, compare it with another command, and look for patterns.
- Local machine problem: bad IP address, disabled adapter, missing gateway, stale DNS cache.
- Router or LAN problem: gateway unreachable, DHCP issue, Wi-Fi instability, bad Ethernet link.
- ISP issue: gateway works, public addresses fail, multiple devices lose access.
- Remote server problem: one site fails, other sites work, trace stops near the destination.
For a deeper structure around how incidents should be handled, NIST’s guidance on incident response is a useful reference point: NIST CSRC. For Windows-specific repair and configuration steps, the official Microsoft docs remain the best source: Microsoft Learn.
Checking Your IP Configuration
The first command most technicians should run is ipconfig. It shows the basic network settings Windows is using, including the IPv4 address, subnet mask, default gateway, and DNS servers. Those values tell you whether the computer has a usable address and where it believes the network starts and ends.
Run ipconfig in Command Prompt and look for the adapter you are actually using, such as Wi-Fi or Ethernet. A normal home or office PC usually has a private IPv4 address like 192.168.x.x, 10.x.x.x, or 172.16.x.x through 172.31.x.x, along with a default gateway that points to the router.
How to Spot a Bad Address
If you see an address in the 169.254.x.x range, Windows has likely assigned an Automatic Private IP Addressing value because DHCP did not provide a valid address. That usually means the computer could not reach the DHCP server, the router is not handing out addresses, or the cable or Wi-Fi link is not functioning properly.
Use ipconfig /all when you need more detail. It shows DHCP status, the physical address, DNS suffix, and other adapter data that can reveal whether the configuration is normal or broken.
- Valid private IP: indicates DHCP or static configuration is probably working.
- No default gateway: local device may work, but internet access will fail.
- Missing DNS servers: websites may not resolve even if the network is up.
- Unexpected adapter status: disabled, disconnected, or media disconnected usually points to link trouble.
Note
When you are diagnosing Windows support issues, write down the adapter name and the exact IP values before changing anything. That gives you a clean before-and-after comparison if you later need to renew the address or reset the stack.
Microsoft documents the syntax and behavior of ipconfig and related Windows networking commands here: Microsoft ipconfig documentation.
Testing Local Network Connectivity
Ping is the simplest reachability test in Command Prompt. It sends ICMP echo requests and waits for replies, which helps you check whether your computer can communicate with another device. In practical network troubleshooting, the first target should usually be the default gateway, not a public website.
Start with ping the router’s address, such as ping 192.168.1.1 or whatever ipconfig showed as the gateway. If that works, try another device on the same network, such as a local server or printer, if you know its address. This sequence confirms whether basic LAN communication is functioning.
How to Read Ping Results
Healthy ping output shows replies with response times in milliseconds and no packet loss. A few low-latency replies usually mean the local path is clean. Request timed out can mean the target is down, the path is blocked, or the device is configured not to answer ICMP.
Do not overread one failed test. Some routers, firewalls, cloud services, and managed endpoints intentionally block ping. That means a failed ping is useful information, but not a final diagnosis.
| Ping result | What it usually means |
| Replies received | The path is reachable at least at the network layer. |
| High latency | Possible congestion, Wi-Fi interference, or upstream delay. |
| Packet loss | Unstable link, overloaded network, or blocked ICMP. |
| Request timed out | Target unreachable, filtered, or not responding to ping. |
For a broader view of network behavior and incident patterns, the Verizon Data Breach Investigations Report is useful context on how often network paths, credentials, and misconfigurations contribute to real-world problems. For IT support work, the core lesson is simple: ping is a reachability test, not a complete health check.
Verifying DNS Resolution
DNS is the system that translates a name like www.example.com into an IP address. A site can fail to load even when your internet connection is technically working if DNS is broken, slow, or pointing to the wrong server. This is one of the most common causes of “the network is up, but nothing opens” complaints in Windows support.
A quick test is to ping a domain name instead of an IP address. When you run ping www.example.com, Windows first tries to resolve the hostname. If resolution fails, the problem may be DNS rather than general connectivity.
Using nslookup for Clearer DNS Testing
nslookup is a direct way to check name resolution and see which DNS server Windows is querying. Run nslookup www.example.com and note both the server used and the address returned. If the answer is missing, incorrect, or inconsistent with expectations, you likely have a DNS problem.
Compare results against two kinds of targets: a well-known public domain and a local device name, if your environment uses one. If public domains resolve but local names do not, the issue may be internal DNS, search suffix settings, or split-brain name resolution. If neither resolves, your client may not be reaching any working DNS server at all.
- DNS failure: “server unknown,” timeout, or no response from the resolver.
- Wrong address returned: possibly stale cache, bad record, or misconfiguration.
- Slow resolution: browsing may feel delayed even if connectivity is available.
If ping works by IP address but fails by name, focus on DNS before replacing hardware. That one check saves a lot of unnecessary troubleshooting.
For DNS behavior and records, the authoritative technical reference is the IETF’s DNS RFC set, while Windows-specific behavior is documented by Microsoft. A good starting point is Microsoft DNS documentation.
Tracing the Path to a Remote Destination
tracert shows the route packets take from your PC to a destination host. Instead of only telling you whether a target responds, it reveals each hop along the way, which makes it valuable when a site is slow, intermittent, or failing somewhere beyond your local network.
Run tracert www.example.com or trace a public IP address if you want to avoid DNS during the test. A normal trace shows a sequence of routers with increasing hop numbers and latency values. If the trace stops early, or if several hops show repeated timeouts, you may be looking at a routing issue, firewall filtering, or a problem near the destination.
What a Good or Bad Trace Looks Like
A healthy route usually shows a few milliseconds on nearby hops and gradually increasing latency as the path extends outward. That does not mean every hop must reply. Many routers are configured not to answer trace requests, so gaps in the output are normal as long as later hops still respond.
Use tracert when ping works inconsistently or when browsing is possible but painfully slow. It can show whether the delay starts inside your local network or farther out on the internet path.
- Trace the gateway first if needed, then a public site.
- Look for the first hop where delay or loss starts.
- Compare one known-good destination with the slow one.
- Use that pattern to narrow the fault domain.
For path and routing behavior, Cisco® documentation is a solid vendor reference for network fundamentals: Cisco. For deeper path analysis, the command itself is documented in Windows by Microsoft at Microsoft tracert documentation.
Checking Active Connections and Ports
netstat is the command to use when you need to see what your PC is actively doing on the network. It lists active connections, listening ports, and connection states, which makes it helpful for application-specific network troubleshooting and for spotting unusual activity.
Start with netstat -an. The -a switch shows all connections and listening ports, while -n keeps addresses and ports numeric, which is easier to scan. If permissions allow, netstat -b can show the executable associated with each connection, which helps you tie network activity back to a specific app or service.
What to Look For
Repeated ESTABLISHED entries may be normal for busy apps, browsers, messaging tools, and cloud sync clients. LISTENING entries are common for services waiting for inbound traffic. A lot of TIME_WAIT entries is not automatically bad; it often reflects normal TCP connection shutdown behavior.
The command becomes powerful when the pattern does not match the expected app behavior. If a browser cannot connect but the machine has active connections elsewhere, the issue may be the application, proxy settings, TLS interception, or the destination host. If you see unexpected outbound connections and the machine is acting strangely, that can also justify deeper security review.
- LISTENING: service is waiting for incoming connections.
- ESTABLISHED: active conversation is in progress.
- TIME_WAIT: connection recently closed and is being held briefly.
Warning
netstat -b may require administrative rights and can take longer to run. Use it carefully on production systems, and avoid making conclusions from a single snapshot if the system is busy.
For official command behavior, see Microsoft’s netstat documentation. For broader security context around suspicious network connections, the MITRE ATT&CK knowledge base is a strong technical reference: MITRE ATT&CK.
Refreshing the Network Stack
When the basic checks point to a local configuration problem rather than an outage, it is time to refresh the Windows network stack. This is where repair commands help resolve stale leases, corrupt cache entries, or broken socket settings that prevent normal communication.
Use ipconfig /release followed by ipconfig /renew to drop the current DHCP lease and request a fresh one from the server. This can fix situations where a client has a bad address, no valid gateway, or a lease that no longer matches the network.
Clearing DNS and Resetting Windows Networking
ipconfig /flushdns clears the local DNS cache. That matters when a machine keeps using stale or wrong name records after a server change, migration, or DNS repair. If the issue is deeper, use netsh winsock reset to repair the Winsock catalog and netsh int ip reset to reset IP-related settings.
These commands are more invasive than ping or nslookup, so use them after you have evidence that the problem is local. A reboot after the reset is important because Windows needs to reload stack components cleanly.
- Confirm the issue looks local, not remote.
- Release and renew the IP address.
- Flush the DNS cache.
- Reset Winsock and IP if the issue persists.
- Restart the computer.
Microsoft’s official guidance for these commands is here: ipconfig and netsh. For workforce-aligned troubleshooting habits, the NICE/NIST Workforce Framework is also a useful reference: NICE Framework.
Creating a Practical Troubleshooting Flow
Random command execution wastes time. A practical network troubleshooting flow makes it obvious where the problem lives and what to try next. The cleanest order is: check IP settings, ping the gateway, test external connectivity, verify DNS, and then trace the route if needed.
That sequence works because each test builds on the previous one. If you cannot reach the gateway, stop there and focus on the local link. If the gateway responds but public destinations fail, move to DNS and internet access. If DNS works but a single site is slow, use tracert to see where the delay begins.
Common Scenarios and the Right First Move
- Connected but no internet: check default gateway, ping the router, then test a public IP like 8.8.8.8.
- Website will not load: use ping by hostname and then nslookup to isolate DNS.
- Slow browsing: compare ping and tracert results to see whether latency starts locally or upstream.
- One app fails, others work: use netstat and confirm the app is actually establishing connections.
Document outputs before changing settings. A simple text file with timestamps, commands, and results is often enough to show whether a fix worked. That documentation also helps if you need to escalate the issue to a senior technician, vendor, or ISP support desk.
Step-by-step diagnostics beat guesswork every time. The goal is not to run every command. The goal is to learn which command answers the next question.
For common workforce expectations around troubleshooting and documentation, BLS Occupational Outlook Handbook is useful context on IT support roles and the analytical work they require. For certification-aligned skill development, CompTIA also outlines the broad domains covered in its A+ track on its official site: CompTIA A+ official certification page.
Useful Tips for Better Results
Command Prompt diagnostics are most effective when you combine them with basic physical checks. A loose Ethernet cable, poor Wi-Fi signal, or a router that needs a reboot can change the results just as much as a misconfigured IP address. The commands tell you what is happening; the hardware often explains why.
Running Command Prompt as an administrator is helpful when you use repair commands like netsh winsock reset or when you want to use netstat -b. If you are just checking connectivity, standard user rights are usually enough. Save elevated access for the commands that need it.
Small Habits That Save Time
- Paste output into a text file: easier to compare before and after changes.
- Test multiple destinations: one broken website does not prove the internet is down.
- Check Wi-Fi and Ethernet separately: the adapter in use matters.
- Look at router lights: link, WAN, and internet indicators can confirm obvious faults fast.
- Ask whether the problem affects other devices: that separates device-specific issues from network-wide ones.
Key Takeaway
Always combine command output with a physical check. A perfect ping to the gateway means little if the WAN light is off or the Ethernet cable is unplugged.
For additional support and security context, the FTC’s consumer technology guidance can help identify when a problem is local versus provider-related: FTC. For more on the skills expected in entry-level support work, ITU Online IT Training aligns these troubleshooting habits with practical Windows support scenarios in its CompTIA A+ Certification 220-1201 & 220-1202 Training.
CompTIA A+ Certification 220-1201 & 220-1202 Training
Master essential IT skills and prepare for entry-level roles with our comprehensive training designed for aspiring IT support specialists and technology professionals.
Get this course on Udemy at the lowest price →Conclusion
Command Prompt gives you a fast, practical way to diagnose common network problems on Windows. ipconfig shows whether the machine has a valid address, ping tests local and remote reachability, nslookup verifies DNS, tracert exposes path problems, and netstat shows active network behavior.
The real value comes from using those commands in a structured order. That approach helps you separate device issues from local network faults, DNS errors, and remote-side problems without wasting time on random fixes. It also makes your troubleshooting more professional and easier to explain to coworkers, end users, or support teams.
Use these tools as your first pass before calling the ISP, escalating to network engineering, or replacing hardware. And remember the most important part of the process: running the command is only half the job. Reading the output correctly is what actually solves the problem.
CompTIA®, Security+™, and A+™ are trademarks of CompTIA, Inc.