Skip to content
  • There are no suggestions because the search field is empty.

What to do when host cannot rejoin network after it is isolated

Issue

If an host has policy which isolation is enabled, by default the Endpoint Log Hybrid, Gateway, DNS server, and Relay Server (if applicable) IP addresses are whitelisted. If the host is on VPN or different network segment. It will not be able to be released from Isolation. Whitelisting the VPN gateway will have no effect.


Resolution

The only resolution for this issue is to remove the Endpoint agent from host. Whitelist the VPN gateway IP.  Install the agent.

Note: command below to use to manually remove the endpoint agent.
(on the host, open a command prompt select "runas administrator") enter below command:

msiexec /x {63AC4523-5F19-42F0-BC43-97C8B5373589}

Product Details

Netwitness version 11.6 and higher


Summary

After Isolating host from network. It cannot be released from isolation.


Approval Reviewer Queue

Technical approval queue