Intel NUC Recommended BIOS Settings for VMware ESXi

The following BIOS settings are recommended for Intel NUC Systems running VMware ESXi. The list was created based on the latest 10th Gen Frost Canyon. Available options may differ with older NUCs.

To enter the BIOS, press F2 after powering on the system.

Onboard Devices

It's a good practice to disable all unused devices. I recommend disabling everything except the onboard NIC and Thunderbolt support.

  • Advanced > Onboard Devices > HD Audio: Disabled
  • Advanced > Onboard Devices > Digital Microphone: Disabled
  • Advanced > Onboard Devices > LAN: Enabled*
  • Advanced > Onboard Devices > Thunderbolt Support: Enabled*
  • Advanced > Onboard Devices > WLAN: Disabled
  • Advanced > Onboard Devices > Bluetooth: Disabled
  • Advanced > Onboard Devices > SDCard 3.0 Controller: Disabled
  • Advanced > Onboard Devices > Enhanced Consumer IR: Disabled
  • Advanced > Onboard Devices > HDMI CEC Control: Disabled

Cooling

The cooling configuration depends on your situation. If you need the NUC to be as silent as possible, configure the Fan Control Mode to "Silent". When noise is not a problem configure it to "cool", which is the best mode for reliability.

  • Cooling > Fan Control Mode: Cool

Performance

For maximal performance, make sure that HT, Turbo Boost and all cores are enabled.

  • Performance > Prozessor > Hyper-Threading: Enabled*
  • Performance > Prozessor > Intel Turbo Boost Technology: Enabled*
  • Performance > Prozessor > Active Processor Cores: All*

Security

Activate both virtualization features VT-x and VT-d. To get rid of TPM 2.0 error mesages ("TPM 2.0 device detected but a connection cannot be established.") disable Intel PTT.

  • Security > Security Features: Intel Virtualization Technology: Enabled*
  • Security > Security Features: Intel VT for Directed I/O (VT-d): Enabled*
  • Security > Security Features: Intel Platform Trust Technology: Disabled

Power

Do not change power policies, they can be configured from the ESXi itself, which is much more comfortable and possible without a reboot. Wake on LAN allows you to power on the nuc remotely, which is also very helpful.

  • Power > Max Performance Enabled: Enabled*
  • Power > Intel Dynamic Power Technology: Energy Efficient Perform*
  • Power > Processor Power Efficiency Policy: High Performance*
  • Power > Secondary Power Settings > After Power Failure: Last State
  • Power > Secondary Power Settings > Wake on LAN from S4/S5: Power On/Normal Boot

Boot

  • Boot > Secure Boot > Secure Boot: Disabled

* Default Setting

  1. Howdy! Is there anyone having the issue with the TPM message on NUC10i7FNH with ESXI6.7u3 and vCenter (TPM 2.0 device detected but a connection cannot be established.)? I already disabled the tpm function from bios and message is still appearing. Thanks, GD

    • Hello.
      Yes, many people are having problems with the TPM Message. Sometimes disabling Secure Boot and PTT works, sometimes not. I've not figured out how to get rid of the error completely.

  2. I'm getting (TPM 2.0 device detected but a connection cannot be established.) in my vCenter 6.7 running on NUC7i7BNH. I upgraded the BIOS to BNKBL357.86A
    Version: 0081 (Latest) Date: 1/14/2020 and I still the the error.

  3. Awesome! Thanks for the advice. ESXi 7.0 is working great on my NUC i7 10th Gen.

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.