Host Isolation over VPN

Hi All,

I'm attempting to use host isolation on a device that uses a VPN to connect to Fleet. I've noticed that when I enable host isolation on the device, it completely stops responding and no longer works. I'm assuming that this is because the isolation blocks the actual VPN from working, therefore the device is no longer able to reach the Fleet server.

The issue I'm running into, is I'm not sure which "parts" of the VPN path I need to add to the Host Isolation exceptions for this to work.

Would anyone have happened to come across this issue, or know what needs to be added as an exception for Isolation to work over a VPN?

Hi @BenB196 Thanks for your feedback. The v4 IP address of the VPN server needs to be added to the Host Isolation exceptions. If you don't know the IP address of the VPN server, you could find out by ping the VPN server name. Or if you are comfortable with packet capture, you can find out the VPN server IP address from pcap. Please feel free to let us know how it goes. We are here to help.

Here's the document of how to add Host Isolation exceptions: Host isolation exceptions | Elastic Security Solution [8.1] | Elastic

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.