The Isolate utility effectively blocks all network communication to the remote computer, excepting traffic from your Automate and Control servers. This document will describe the technical details of Isolation and the environment necessary to assure an Isolated computer always reports into your management servers.
The most important setting is to ensure your Automate server is using a failover address in the Default Agent Template. An Isolated computer will not be able to make calls to its DNS server and thus, will not be able to resolve the host name of your Automate and Control servers. This won't be used immediately after the machine is Isolated as the name lookup is already cached but if the machine is rebooted, the cache is lost. Third Wall attempts to compensate for this by registering both server names in the target computer's hosts file. A successful entry allows for a rebooted computer to resolve the address on demand but some computers do not allow modifications to the hosts file (even as the Local System Account.)
Caution! Do not assume settings are correct and then apply them to your default template! If something is wrong you will have just set yourself up for a lot of manual work as you just modified ALL remote computers. Before applying any change to your default template, setup a test. Create a new template with the server address properly assigned, create a new group and assign that profile to the test group. Then add a couple/few computers. If all looks good, only then make the same change to your Default template.
This is one reason it is critical to ensure your Default Agent Template is setup to allow the remote computer to find the Automate server, even when DNS is down. To do this, check your server address in the Default Agent Template. You should see two addresses, something like this:
In this example, all remotes communicate with http://server.twsandbox.local by default. When they can't resolve the address, they will failover to 192.168.1.123
Your server is (hopefully!) using https and a public IP address but the structure is the same.