diff --git a/salt/common/init.sls b/salt/common/init.sls
index 5fe3d9081..0ada77e1a 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -3,6 +3,7 @@ {% set role = grains.id.split('_') | last %}
 {% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
+{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
 # Remove variables.txt from /tmp - This is temp
 rmvariablesfile:
@@ -125,6 +126,7 @@ crwazrepo:
 file.absent:
 - name: /etc/yum.repos.d/wazuh.repo
+{% if not ISAIRGAP %}
 crsecurityonionrepo:
 file.managed:
 {% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
@@ -137,6 +139,7 @@ crsecurityonionrepo:
 - mode: 644
 {% endif %}
+{% endif %}
 # Install common packages
 {% if grains['os'] != 'CentOS' %}
diff --git a/setup/so-functions b/setup/so-functions
index bc2908a41..470ce2660 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -44,6 +44,21 @@ logCmd() {
 }
 ### End Logging Section ###
+airgap_repo() {
+ # Remove all the repo files
+ rm -rf /etc/yum.repos.d/*
+ echo "[airgap_repo]" > /etc/yum.repos.d/airgap_repo.repo
+ if $is_manager; then
+ echo "baseurl=https://$HOSTNAME/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ else
+ echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ fi
+ echo "gpgcheck=1" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "sslverify=0" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "name=Airgap Repo" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "enabled=1" >> /etc/yum.repos.d/airgap_repo.repo
+}
+
 airgap_rules() {
 # Copy the rules for suricata if using Airgap
 mkdir -p /nsm/repo/rules
diff --git a/setup/so-setup b/setup/so-setup
index 584dc7933..48322f246 100755
--- a/setup/so-setup
+++ b/setup/so-setup
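Review bot: With `crsecurityonionrepo` wrapped in `{% if not ISAIRGAP %}` in salt/common/init.sls, nothing in the visible hunks manages the repo definition on airgap nodes, so the file written once by setup (including its `gpgcheck` and `sslverify` values) is never enforced or corrected by a highstate. Consider an `{% else %}` branch holding a `file.managed` state for `/etc/yum.repos.d/airgap_repo.repo`, or, if leaving it to setup is intentional, a comment such as `# airgap nodes: repo file is written by airgap_repo in setup/so-functions`. The state file continues outside these hunks, so such a state may already exist elsewhere.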
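Review bot: `airgap_repo` in setup/so-functions writes `sslverify=0`, so yum will accept any certificate from whatever answers at `$HOSTNAME` or `$MSRV`, and package integrity then rests on `gpgcheck=1` alone; the file sets no `gpgkey=`, so that check depends on the signing key already being imported on the node. Pointing `sslcacert=` at the manager's CA and adding a `gpgkey=` line would keep both checks meaningful. Separately, `if $is_manager; then` executes the variable's value as a command and succeeds when it is empty or unset; so-setup tests its flags as `[[ $is_helix ]]`, which suggests they may be unset on other roles, and a non-manager would then get `baseurl=https://$HOSTNAME/repo`. The sketch below assumes that set-or-unset convention and writes the file in one here-doc so a partial file is less likely after the `rm -rf`.

```shell
airgap_repo() {
  local repo_host
  # [[ ]] tests for a non-empty flag; a bare `if $is_manager` succeeds when the flag is unset
  if [[ $is_manager ]]; then
    repo_host=$HOSTNAME
  else
    repo_host=$MSRV
  fi
  # … unchanged: removal of the existing repo files …
  cat > /etc/yum.repos.d/airgap_repo.repo <<EOF
[airgap_repo]
name=Airgap Repo
baseurl=https://${repo_host}/repo
enabled=1
gpgcheck=1
gpgkey=file://<PLACEHOLDER_SIGNING_KEY_PATH>
sslverify=1
sslcacert=<PLACEHOLDER_MANAGER_CA_PATH>
EOF
}
```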
@@ -168,10 +168,8 @@ set_ssh_cmds $automated
 local_sbin="$(pwd)/../salt/common/tools/sbin"
 export PATH=$PATH:$local_sbin
-set_network_dev_status_list
 set_palette >> $setup_log 2>&1
-
 # Kernel messages can overwrite whiptail screen #812
 # https://github.com/Security-Onion-Solutions/securityonion/issues/812
 dmesg -D
@@ -440,6 +438,7 @@ if [[ $is_helix ]]; then
 fi
 if [[ $is_helix || $is_sensor ]]; then
+ set_network_dev_status_list
 whiptail_sensor_nics
 fi
@@ -648,6 +647,8 @@ set_redirect >> $setup_log 2>&1
 if [[ ! $is_airgap ]]; then
 securityonion_repo >> $setup_log 2>&1
 update_packages >> $setup_log 2>&1
+ else
+ airgap_repo >> $setup_log 2>&1
 fi
 if [[ $is_sensor || $is_helix || $is_import ]]; then