Determine if a NIC has Internet access (vs local, closed network)

Is there some way in PowerShell to automatically determine which of multiple NICs has Internet access rather than an connection to a closed network?

Say, a computer has one NIC that can generally get out to the Web and another NIC that is connected to a small, scientific device network. They both have IP addresses and see a "network". Is there a generic way to determine which is Internet connected?

I know about:

gwmi win32_networkadapterconfiguration -filter "ipenabled = 'true'"

and

gwmi win32_networkadapter -filter "NetConnectionStatus LIKE '2'"

and

Get-NetAdapter | ? {($_.status -eq 'up')

but it's not clear to me that those filters are identifying Internet access vs just network access, and unfortunately, I don't have access to a machine with that kind of setup to test.

Thanks.

Teknowledgist

Posted 2017-11-03T13:37:14.917

Reputation: 157

Answers

The Test-Connection cmdlet allows you to specify the source address with the -Source parameter. We can test the addresses being used by each adapter.

$adapters = Get-NetIPAddress -AddressFamily ipv4 | Where-Object InterfaceAlias -in (Get-NetAdapter | Select-Object -ExpandProperty Name) | Select-Object IPAddress,InterfaceAlias

$adapters | % {

    Test-Connection -Source $_.IPAddress -Destination 8.8.8.8 -ErrorAction SilentlyContinue | Out-Null

    if($?) {
        write-host $_.InterfaceAlias "(" $_.IPAddress ") can connect to the internet."
    }
    else {
        write-host $_.InterfaceAlias "(" $_.IPAddress ") failed to connect to the internet."
    }

}

Output:

Local Area Connection ( 10.1.1.2 ) can connect to the internet
Ethernet 2 ( 10.1.1.3 ) failed to connect to the internet.
Wireless Network Connection ( 10.1.1.4 ) failed to connect to the internet.

root

Posted 2017-11-03T13:37:14.917

Reputation: 2 992

I didn't realize test-connection had a -source option. That is exactly what I was looking for! Unfortunately, -source and -quiet cannot both be used. – Teknowledgist – 2017-11-03T16:36:15.443

I believe that the best way would be to check which adapter the default route use.

Get-NetRoute -DestinationPrefix "0.0.0.0/0"

This would give you the ifIndex for the adapter that should be connected to the internet. The same ifIndex can be used to get the adapter...

Get-NetAdapter -InterfaceIndex <number from previous command>

Magnus

Posted 2017-11-03T13:37:14.917

Reputation: 1 548

Are you certain that default route can't be assigned to NIC that isn't connected to internet? I faced issue with that in Linux previously, default route was assigned based upon which NIC was enabled first. I suppose Windows might have it handled... – Marek Rost – 2017-11-03T14:31:47.753

Well, the default route is where all traffic goes, unless it is specified in the routing table.. So if the default route points to an internal network, you won't have access to the internet at all.. :) (There might be several default routes, though.. Just different priorities) – Magnus – 2017-11-03T14:39:57.753

1You could also use something like Find-NetRoute -RemoteIPAddress 8.8.8.8 to get the index of the interface that would route the traffic to that IP. – Magnus – 2017-11-03T14:44:16.897

My ultimate goal is to disable Internet access while leaving local network connections alone. Once I disable the default route NIC, the next NIC becomes default (I assume). Although it would be rare, I can't assume only two NICs (one online, and one local), so I have to iterate through all the "up" status NICs. – Teknowledgist – 2017-11-03T16:41:14.587