Share via

How to activate my data center server 2022 offline

Brent J 0 Reputation points
2026-03-17T16:00:16.8466667+00:00

How to activate my data center server 2022 in an offline network. Do I need to setup a proxy connection internally or can I open firewall ports?

Windows for business | Windows Server | Devices and deployment | Licensing and activation
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. VPHAN 32,870 Reputation points Independent Advisor
    2026-03-17T16:33:32.8666667+00:00

    Hi Brent J,

    You should avoid opening external firewall ports or setting up a direct internal proxy for your offline server, as maintaining that strict air gap is critical for your infrastructure security. The previously mentioned Volume Activation Management Tool is entirely valid for bulk management, utilizing a CILX file transferred via USB between an isolated VAMT host and an internet-connected workstation. However, installing VAMT and its prerequisite SQL Server database is often unnecessary overhead if you only need to activate a single Datacenter server.

    For a straightforward standalone activation, you can use the built-in Software License Management Tool directly from an administrative command prompt. You simply type slmgr.vbs /ipk followed by your standard product key to install the license onto the operating system. Next, typing slmgr.vbs /dti will generate a lengthy, unique Installation ID on your screen. You can then take this Installation ID to any internet-connected device, navigate to the Microsoft Web Volume Activation site, or call the Microsoft Activation Center toll-free number to receive your corresponding Confirmation ID.

    Once you obtain that numeric Confirmation ID, return to your offline Datacenter server and apply it by running slmgr.vbs /atp followed immediately by the ID string. This command securely writes the validated activation data directly to the local Windows registry licensing store without requiring any network communication or firewall exceptions. If you do choose to proceed with the VAMT method for managing multiple servers in the future, just ensure your internal firewall allows Windows Management Instrumentation traffic so the VAMT host can remotely poll the target machines.

    Hope this answer brought you some useful information. If it did, please hit “accept answer”. Should you have any questions, feel free to leave a comment.

    VP

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  2. VPHAN 32,870 Reputation points Independent Advisor
    2026-03-19T06:08:03.7033333+00:00

    Hi Brent J,

    How is your issue going? Has it been resolved yet? If it has, please consider accepting the answer as it helps others sharing the same problem benefit too. Thank you :)

    VP

    Was this answer helpful?

    0 comments

  3. AI answer

    2026-03-17T16:00:32.0733333+00:00

    Windows Server 2022 Datacenter can be activated offline without opening firewall ports on that server by using proxy activation with the Volume Activation Management Tool (VAMT).

    There are two main offline patterns, depending on whether the wider organization has internet access somewhere:

    1. Isolated lab / no direct internet on the server, but internet exists elsewhere in the organization
      Use VAMT proxy activation:
      1. Install VAMT on a computer that has internet access.
      2. If the target server is in an isolated network with no route to the internet, install a second VAMT instance inside that isolated network (Scenario 2).
      3. Ensure the following requirements are met on the target server(s):
        • A valid key is installed (MAK, KMS Host key (CSVLK), GVLK/KMS client key, or retail key).
        • VAMT has administrative permissions on the server and WMI is accessible through Windows Firewall.
        • For workgroup servers, create the required registry key to allow remote admin actions under UAC (see “Configure client computers” in the referenced docs).
      4. In the isolated network, use VAMT to discover/add the Windows Server 2022 Datacenter installation and export a VAMT Computer Information List (CILX) file.
      5. Move the CILX file via removable media to the internet‑connected VAMT host.
      6. On the internet‑connected VAMT host, import the CILX and run proxy activation to send Installation IDs (IIDs) to Microsoft and retrieve Confirmation IDs (CIDs).
      7. Export the updated CILX from the internet‑connected VAMT host, move it back to the isolated VAMT, and apply the CIDs to the server to complete activation.
      In this model, only the internet‑connected VAMT host needs outbound internet access. The isolated server never needs direct internet or firewall openings to the internet; only WMI access from the local VAMT instance is required.
    2. Server has no direct internet, but can reach an internal proxy that has internet
      In this case, the server can be activated using VAMT online activation from a central VAMT host that has network connectivity to the server and internet access. Requirements:
      1. Install VAMT on a central host in the core network with internet access.
      2. Ensure WMI is allowed through Windows Firewall on the Windows Server 2022 Datacenter machine and that VAMT has administrative permissions.
      3. Install the appropriate product key (MAK, CSVLK, GVLK, or retail).
      4. From VAMT, discover the server and run online activation. VAMT will contact Microsoft over the internet (through whatever outbound firewall/proxy rules exist on that VAMT host).
      In this scenario, there is no need to open inbound firewall ports from the internet to the server. Only outbound connectivity from the VAMT host to Microsoft is required.

    Answering the specific question:

    • A “proxy connection internally” is not required on the Windows Server itself if VAMT proxy activation is used; instead, use VAMT on another machine that has internet access and transfer activation data via CILX files and removable media.
    • Opening inbound firewall ports from the internet to the server is not required or recommended. The only firewall requirement is that WMI be accessible from the VAMT host to the server, and that the VAMT host (not the server) can reach Microsoft over the internet for activation.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.