Installing NIC drivers for i225-V and other unsupported adapters on Windows Server Core

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

hmw

Well-Known Member
Apr 29, 2019
632
261
63
I'm in the process of replacing my Ubiquiti core switch with a Brocade L3 and setting it up with OPNsense. Since OPNsense doesn't function properly with DHCP & VLANs/subnets - I will need to have a Windows server running DNS/DHCP on the network. I decided to go down the Server Core path because
  • It boots and is ready in < 20 seconds
  • Core is supposed to have a significantly reduced attack surface compared to normal Server with Desktop Experience
  • Server Core is less resource hungry than Server
Fanless PCs like the Topton N5105 / Protectli VP series all work beautifully for Server Core except for one major problem. Server Core has (almost) no GUI ! One can install drivers for unsupported hardware on normal Server but for Server Core it's next to impossible. It's possible to install Windows Admin Center and use that to look at devices + try to install drivers - however it will NOT work for unsupported hardware.

The solution is to use Microsoft's command line utilities - devcon.exe and pnputil.exe. As way of example, I'll show how to get the Topton N5105's i225-V NICs running on Server Core

Of course you'll need to identify your NIC (or whatever other hardware you have) and make sure you know the device ID. One way to do this is to (if you read further down and get hold of devcon.exe) is to use devcon status / devcon find /devcon findall and see which drivers have stopped or which device IDs do not have matching drivers installed

Another way is to see if the device installs in "normal" Server or even Windows Workstation by choosing a different driver and then looking at the INF file for details on that specific driver.

In my case, I downloaded Rel 28 of the Intel complete driver pack here: and used Release_28.0\PRO2500\Winx64\WS2022 directory to install drivers. The GUI prompt was looking for a Intel(R) Ethernet Controller (3) I225-V driver and sure enough in the Release_28.0\PRO2500\Winx64\WS2022\e2.inf file we have a section with the "Intel(R) Ethernet Controller (3) I225-V" header

1684378627153.png

Note the [E15F3_3.10.0.1..17763] - this bears explaining as it is crucial to proper installation. This is the model section identifier of the driver model. When Windows looks at the INF file, it looks at certain "manufacturer" sections depending on whether it is Windows Workstation or Windows Server. In each "manufacturer" section, Windows will look at a list of model sections and see if it matches the device ID for the hardware it is installing.


In the INF file you will find two or possibly three "manufacturer" sections as follows:

Code:
[Intel]

;


[Intel.NTamd64.10.0.1..17763]
; DisplayName               Section                     DeviceID
; -----------               -------                     --------

; all Windows drivers here


[Intel.NTamd64.10.0...17763]
; DisplayName               Section                     DeviceID
; -----------               -------                     --------

; all Windows SERVER drivers here
i.e. the [Intel.NTamd64.10.0.1..17763] section contains driver model strings for drivers that Windows can load for Workstation versions for Windows 10 build version 1809. And the [Intel.NTamd64.10.0...17763] section contains driver strings for ALL Windows versions build 1809. Hence the earlier section overrides the latter one and is used for Workstation and the latter is used for everything except Workstation.

Similarly, [Intel.NTamd64.10.0...20348] would refer to Windows Server 2022 (because the build version for that is 20348). If you're curious about this - refer here for details: INF Manufacturer section - Windows drivers

Now if we look at our e2.inf file inside the Intel WS2022 directory, we find the following for the [E15F3_3.10.0.1..17763] entry:

1684379622800.png


That's right - the entry exists only for Windows Workstation (the 10.0.1 section) and NOT for any OTHER version of Windows (i.e. the 10.0... section). Which means on Server it will NOT install this driver automatically. You can still force install it - which is what we will do with Server Core.

To force install, we will
  • Modify the INF file so that a suitable driver entry for Windows Server will exist.
  • Download devcon.exe from Microsoft
  • Turn off driver signature enforcement so that our modified INF file can be used for installation

Modifying the INF file: Please don't download modded INF files and drivers. Modify them yourself because it's easy and you'll tailor the INF to your specific hardware. In order to do this, we only need to modify the manufacturer section in the file that is used for non-workstation versions when installing i.e. [Intel.NTamd64.10.0...17763]. This is how my e2.inf file now looks

1684380829113.png

Notice the highlighted section? All I've done is taken the specific model entry %E15F3_3NC.DeviceDesc% = E15F3_3.10.0.1..17763, PCI\VEN_8086&DEV_15F3&REV_03 and added it to the [Intel.NTamd64.10.0...17763] section. I've also removed everything else because I don't want the PlugNPlay framework to get confused as to which driver to install :)

Usually, that's pretty much the only change you need to make, leave the rest of the INF file untouched - however, sometimes you might need to make sure the [ControlFlags] section exists but is empty

Downloading Devcon.exe from Microsoft: please don't download devcon from anywhere else except Microsoft. It's usually installed as part of the Windows DDK, however, one can download just devcon as follows: Take a look at Drawbackz's repo here: GitHub - Drawbackz/DevCon-Installer. They maintain a JSON that tracks devcon for every Windows version - devcon_sources.json. Use the JSON to look at the URL for your Server Core version - you'll need to download the CAB file and then expand the specific file inside - I used 7zip to do this.

There's an excellent page by Microsoft on devcon examples here: Device Console (DevCon.exe) examples - Windows drivers

Try the following to get your problem driver IDs

devcon find *
devcon findall *
devcon status *


And look for anything that says 'no matching driver' or 'device has a problem:28' etc

Turning off driver signature enforcement: as Administrator, in a command window, type the following and reboot

1684381925845.png


Once this is done, login back to server core, make sure you have the driver files with the modded INF and use devcon WITH THE CORRECT HARDWARE ID. This is super important. If you do not use it with the proper hardware ID, it will NOT install correctly. In my case, I used devcon status to find out the exact hardware IDs that had Code 28 problems. There were four of them and they were of the form PCI\VEN_8086&DEV_15F3&SUBSYS_00008086&REV_03\<MAC_ADDRESS>. You don't need the MAC address because you want to install the driver for all of them

Screenshot 2023-05-18 at 12.07.41 AM.png

If you've turned off driver signing enforcement - you will get the popup that asks if you want to install these drivers because they're unsigned. Once you choose yes, it should say "drivers installed successfully"

That's it. You now have Server Core 2022 working with the Topton N5105 and i225-V NICs ! You can now use Get-NetAdapter to check if the NICs are doing their thing

1684383387848.png


Oh and do not forget to turn driver signing back on


(..now if only someone would provide similar detailed instructions on how to setup OPNsense with a Brocade L3 switch + VLANs :D)
 
Last edited:

cesmith9999

Well-Known Member
Mar 26, 2013
1,438
486
83
There are several guides on how to setup router and L3 switch in the Network section. most deal with a transit VLan.

Chris
 

hmw

Well-Known Member
Apr 29, 2019
632
261
63
Wow, this is what I need.

I got stuck however, I couldn't install devcon from this site GitHub - Drawbackz/DevCon-Installer: Quickly download and install DevCon without downloading the entire Windows Driver Kit. I didn't find an executable wizard or .exe file that would start the program.

What am I doing wrong? how do I install that on my pc? Can someone show me what link to click on or what folder to execute to install the program?
I've described all of that in my post -


Downloading Devcon.exe from Microsoft: please don't download devcon from anywhere else except Microsoft. It's usually installed as part of the Windows DDK, however, one can download just devcon as follows: Take a look at Drawbackz's repo here: DevCon-Installer. They maintain a JSON that tracks devcon for every Windows version - devcon_sources.json. Use the JSON to look at the URL for your Server Core version - you'll need to download the CAB file and then expand the specific file inside - I used 7zip to do this.
Take a look at the JSON from the second link - it's named devcon_sources.json. The JSON file has a list of OS names, and for each OS Name, it has URLs and filenames. Find the OS and architecture that matches YOUR OS and arch (e.g. "Windows 10 version 1903" and "X64") - look at the corresponding URL and "Extraction Name". The URL allows you to download the entire CAB file. Download the CAB file, use 7Zip to extract ONLY the specific file that matches "extraction name" - this when unzipped is your devcon.exe

The alternative is just download and install the Windows Driver Kit from Microsoft, it will install devcon.exe
 
Last edited:

hmw

Well-Known Member
Apr 29, 2019
632
261
63
@Marsh - can this be moved into the Guides section? Thanks !
 
Last edited:

i0ntempest

New Member
May 2, 2024
1
0
1
I have successfully modded and installed the driver, and the adapters are working fine. However as soon as I turn integrity check back on and restart, the installed driver is blocked from loading. What should I do?

EDIT: Never mind - turns out Intel's net driver full pack v29.0.1 has an expired certificate for the e2f driver.
 
Last edited: