On this page
Looking to run Windows on bare metal, either for a specific use-case or just for fun? Equinix Metal™ offers Windows Server on many of our standard servers for a licensing fee per core. This guide covers basic set up for configuring access to your Windows Server, as well as an introduction to configuring the networking in Windows to use Equinix Metal features.
You Will Need
- An Equinix Metal Account
- A VLAN in the Metro where you are provisioning your Windows Server. This guide uses a VLAN with VNID
- Another server connected to the VLAN to test connectivity with. In this example, the server is using IP address
3400. (Optional, but handy).
Deploying the Server
Deploy a fresh Windows server On Demand from the Equinix Metal console. Select the Location, Plan, and Windows as your Operating System.
This guide uses Windows Server 2022 on a
c3.small.x86 named "windows-server-setup" in its examples. The networking, SSH, and user data settings were all left as default.
Microsoft Remote Desktop Access
Microsoft Remote Desktop is a common way to access remote Windows servers and is available for many platforms. It is also the default experience for accessing a Windows server on Equinix Metal.
While your server is provisioning, grab the appropriate Remote Desktop client for your system from Microsoft.
After your sever finishes provisioning, check out its Overview page.
At the top, click RDP Access which will pop up the information that you need to enter into your Remote Desktop client to connect to your server.
The password will be available in the Equinix Metal console for the first 24 hours after provisioning. It will be automatically redacted from the console after that time.
In Remote Desktop, entering the server's IP Address and server name.
Double-click on the server entry in Remote Desktop and enter the User Account information from Equinix Metal.
You will probably encounter a certificate warning when trying to connect; your server uses a self-signed certificate. You can verify that the certificate is coming from the Equinix Metal server with the expected hostname, and continue.
Once a connection is established, you should be at the Server Manager Dashboard of the Windows server.
Unlike our Linux servers, SSH access to your Windows server is not automatically enabled or configured. If you want to use SSH, you'll have to enable and configure it in Windows yourself. Following the Microsoft documentation, install the OpenSSH server components.
First, run PowerShell as an Administrator. Note: if you are using Remote Desktop on a Mac, you can simulate right-clicking with a two-finger click on the trackpad. Check to see which OpenSSH components are already installed.
Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
Which should return:
Name : OpenSSH.Client~~~~0.0.1.0 State : Installed Name : OpenSSH.Server~~~~0.0.1.0 State : NotPresent
Typically, Equinix Metal's images have the client component installed, but in order to reach this server via SSH, you'll also need the sever component.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
When it's finished, it'll return:
Path : Online : True RestartNeeded : False
To enable SSH for just this session, start the SSH server.
Upon enabling, you should be able to SSH into the Windows server with the User Account.
ssh Admin@147.75.xx.xxx > The authenticity of host '147.75.xx.xxx (147.75.xx.xxx)' can't be established. ED25519 key fingerprint is SHA256:3eSZ....... This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '147.75.xx.xxx' (ED25519) to the list of known hosts. Admin@147.75.xx.xxx's password: > Microsoft Windows [Version 10.0.20348.643] (c) Microsoft Corporation. All rights reserved. admin@WINDOWS-SERVER- C:\Users\Admin
More detailed documentation on OpenSSH for Windows Server is available from Microsoft, and includes things like configuring firewall rules, SSH configuration files, and uninstalling.
OOB Console Access
Similar to just general SSH, the Out-of-Band (OOB) Console is not enabled automatically on Windows. The purpose of the OOB console is to enable you to potentially recover your server should it become otherwise unresponsive or inaccessible.
In order for it to work with your server, you have to enable Windows Emergency Management Services (EMS), which allows the OOB console to access Windows when something goes wrong.
First, connect to your Windows server with Remote Desktop, and run PowerShell as an Administrator. Then, run the
bcdedit command to turn EMS on.
bcdedit /ems ON
Another thing to note about connecting with the OOB console. When you open the channel, Windows defaults to an SAC shell, and you can create a command prompt channel using the
~ ssh firstname.lastname@example.org [SOS Session Ready. Use ~? for help.] [Note: You may need to press RETURN or Ctrl+L to get a prompt.] SAC>cmd The Command Prompt session was successfully launched. SAC> EVENT: A new channel has been created. Use "ch -?" for channel help. Channel: Cmd0001
Once you have created the channel, press
Tab to bring up the channel description.
Name: Cmd0001 Description: Command Type: VT-UTF8 Channel GUID: a45c61e9-d210-11ec-8a0a-0c42a17ea21d Application Type GUID: 63d02271-8aa4-11d5-bccf-00b0d014a2d0 Press <esc><tab> for next channel. Press <esc><tab>0 to return to the SAC channel. Use any other key to view this channel.
Press any key from here to bring you to a login prompt for your cmd session. You can leave the Domain field empty.
Please enter login credentials. Username: Admin Domain: Password: ****************
Once you have successfully authenticated, you will be at a command-line for your Windows Server.
Microsoft Windows [Version 10.0.20348.643] (c) Microsoft Corporation. All rights reserved. C:\windows\system32>
To exit cmd, type
exit, which should bring you back to the SAC shell. To close the OOB console type
~. which will close the connection from your local machine to the OOB console.
Configuring Networking Modes
Having taken care of the ways in which you can connect to your Windows server, let's take a look at configuring Windows to use Equinix Metal VLANs.
First, convert your Windows Server to the Hybrid Bonded networking mode and add it to the VLAN. This guide uses a VLAN in the same metro with VNID 3400.
Then, configure Windows to be able to use the VLAN. Connect to the server with Remote Desktop and open the Server Manager. On the Local Server page, the is an entry for NIC Teaming that should be enabled. Click Enabled.
If your local server doesn't appear in the list as Online, you will have to add it. Click TASKS Add Server
On the DNS tab, use the search to find the name of your server, click the arrow in the center, and click OK to add it.
Now the network interfaces for your server ports, including
bond0, should appear on the NIC Teaming page.
Now we can add an interface for the VLAN. Select
bond0 in both the Teams panel and the Adapters and Interfaces panel. Click TASKS in Adapters and Interfaces, and Add Interface.
In the New Team Interface panel, make sure the Specific VLAN option is selected and fill in the VNID of the VLAN. Click OK.
Return to the Server Manager, and refresh the view. There should now be an entry for the new interface for
We still need to assign a IP address for this server on the VLAN, so click the IPV4 settings
bond0_bond0 - VLAN 3440, which should take you to the Network Connections page in Windows. Right-click on the device for
bond0_bond0 - VLAN 3440 and open its Properties.
Select Internet Protocol Version4 (TCP/IPv4) from the menu and click Properties.
Now you can assign the IP address for the server to use on the VLAN. If you already have another server on the VLAN that you want to be able to connect to, give it an IP address in the same subnet. In this example, we already have another server using IP address
169.254.1.12, so the Windows server is getting
Should now be able to ping both servers from the other at the assigned IP addresses. From the Windows server:
C:\Users\Admin>ping 169.254.1.12 Pinging 169.254.1.12 with 32 bytes of data: Reply from 169.254.1.12: bytes=32 time<1ms TTL=64 Reply from 169.254.1.12: bytes=32 time<1ms TTL=64 Reply from 169.254.1.12: bytes=32 time<1ms TTL=64 Reply from 169.254.1.12: bytes=32 time<1ms TTL=64 Ping statistics for 169.254.1.12: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
And from the outside server:
root@da-c3-small-x86-01:~# ping 169.254.1.11 PING 169.254.1.11 (169.254.1.11) 56(84) bytes of data. 64 bytes from 169.254.1.11: icmp_seq=1 ttl=128 time=0.753 ms 64 bytes from 169.254.1.11: icmp_seq=2 ttl=128 time=0.871 ms 64 bytes from 169.254.1.11: icmp_seq=3 ttl=128 time=0.948 ms 64 bytes from 169.254.1.11: icmp_seq=4 ttl=128 time=0.789 ms 64 bytes from 169.254.1.11: icmp_seq=5 ttl=128 time=0.889 ms 64 bytes from 169.254.1.11: icmp_seq=6 ttl=128 time=0.829 ms ^C --- 169.254.1.11 ping statistics --- 6 packets transmitted, 6 received, 0% packet loss, time 5028ms rtt min/avg/max/mdev = 0.753/0.846/0.948/0.064 ms
This has been a quick overview of how to get Windows Server up and running on Equinix Metal with examples of how to access your server and configure some of our networking features. If you're looking to experiment with other operating systems, most of the platform documentation contains Linux examples, and there is also a introductory-level guide on Setting Up an ESXi Server.
Last updatedSeptember 14, 2023
Ready to kick the tires?
Sign up and get going today, or request a demo to get a tour from an expert.