Windows Guide

OpenClaw on Windows

Run OpenClaw on Windows using WSL2 (Windows Subsystem for Linux). Get the full Linux experience while staying on Windows.

Security Warning: Local Installation Risks

Running OpenClaw locally on your personal computer can pose significant security risks. The AI agent has access to execute commands, read/write files, and interact with your system. A misconfigured setup could expose sensitive data or allow unintended actions.

  • Data exposure: The agent can read files on your system, including sensitive documents and credentials
  • System access: Commands executed by the agent run with your user permissions
  • Network risks: Improperly secured installations could be accessed by others on your network
  • No isolation: Unlike a VPS, your personal files and data share the same environment

Recommended: Use a VPS Instead

For a safer and more reliable setup, we strongly recommend running OpenClaw on a dedicated VPS. This provides:

  • Isolation from your personal computer
  • 24/7 uptime without keeping your computer on
  • Better security with a controlled environment
  • Easy setup with our step-by-step guide
View VPS Setup Guide

Requirements for Windows

WSL2 Required

OpenClaw on Windows runs via WSL2 (Ubuntu recommended). The CLI + Gateway run inside Linux, which keeps the runtime consistent and makes tooling more compatible.

  • Windows 10 version 2004+ or Windows 11
  • WSL2 with Ubuntu 24.04
  • systemd enabled in WSL

Native Windows is not recommended

While you might be able to run OpenClaw natively on Windows, WSL2 provides a much better experience with full Linux compatibility.

Limitations of Windows/WSL2 Installation

  • Your Windows PC must stay on 24/7 for continuous operation
  • Windows updates may interrupt service
  • WSL adds overhead compared to native Linux
  • Network configuration is more complex

Consider a VPS: Skip Windows complexity and get true 24/7 uptime.

Learn more about VPS vs Local
1
Step 1

Install WSL2 + Ubuntu

Open PowerShell as Administrator and run:

wsl --install

Or pick Ubuntu 24.04 explicitly:

wsl --install -d Ubuntu-24.04

Reboot if Windows asks, then open Ubuntu from the Start menu.

2
Step 2

Enable systemd

systemd is required for the gateway service. In your WSL terminal:

sudo tee /etc/wsl.conf > /dev/null <<'EOF'
[boot]
systemd=true
EOF

Then from PowerShell (not WSL):

wsl --shutdown

Re-open Ubuntu and verify with:

systemctl --user status
3
Step 3

Install OpenClaw

Inside WSL Ubuntu, install Node.js and OpenClaw:

curl -fsSL https://deb.nodesource.com/setup_22.x | sudo bash -
sudo apt install -y nodejs
curl -fsSL https://openclaw.ai/install.sh | bash
4
Step 4

Run Onboarding

Start the onboarding wizard to configure everything:

openclaw onboard --install-daemon

The wizard will guide you through Telegram bot setup and API configuration.

Alternative Gateway Install Methods

Besides openclaw onboard --install-daemon, you can also use:

Direct gateway install:

openclaw gateway install

Interactive configurator:

openclaw configure

Select "Gateway service" when prompted.

Advanced: Expose WSL Services Over LAN

WSL has its own virtual network. If you need to access OpenClaw from other devices on your network, you must forward a Windows port to the WSL IP. Note: The WSL IP changes after restarts.

Set up port forwarding (PowerShell as Admin):

$Distro = "Ubuntu-24.04"
$ListenPort = 2222
$TargetPort = 22
$WslIp = (wsl -d $Distro -- hostname -I).Trim().Split(" ")[0]
if (-not $WslIp) { throw "WSL IP not found." }
netsh interface portproxy add v4tov4 `
  listenaddress=0.0.0.0 listenport=$ListenPort `
  connectaddress=$WslIp connectport=$TargetPort

Allow through Windows Firewall (one-time):

New-NetFirewallRule -DisplayName "WSL SSH $ListenPort" `
  -Direction Inbound -Protocol TCP `
  -LocalPort $ListenPort -Action Allow

Refresh after WSL restarts:

netsh interface portproxy delete v4tov4 `
  listenport=$ListenPort listenaddress=0.0.0.0 | Out-Null
netsh interface portproxy add v4tov4 `
  listenport=$ListenPort listenaddress=0.0.0.0 `
  connectaddress=$WslIp connectport=$TargetPort | Out-Null

Important Notes:

  • Remote nodes must point at a reachable Gateway URL (not 127.0.0.1)
  • Use openclaw status --all to confirm connectivity
  • Use listenaddress=0.0.0.0 for LAN access; 127.0.0.1 keeps it local only
  • For automation, register a Windows Scheduled Task to run the refresh at login

Troubleshooting

Repair/Migrate Service

If you have issues with the service, run:

openclaw doctor

Check WSL Version (WSL1 vs WSL2)

systemd requires WSL2. Check your version:

wsl --list --verbose

The VERSION column should show "2". If it shows "1", convert:

wsl --set-version Ubuntu-24.04 2

WSL IP Changes After Restart

WSL assigns a new IP each time it starts. If you've set up port forwarding, you'll need to refresh the portproxy rule after each restart. Consider creating a Scheduled Task to automate this.

Check Gateway Status

Verify your gateway is running and reachable:

openclaw status --all

No Windows Companion App Yet

There is no native Windows companion app currently. OpenClaw runs entirely within WSL. Contributions to build a Windows app are welcome!

Prefer a Simpler Setup?

A VPS provides easier setup, 24/7 uptime, and better security isolation.

VPS Setup GuideAll Installation Methods
Built by:Kevin Jeppesen