diff --git a/salt/common/init.sls b/salt/common/init.sls
index 5fe3d9081..0ada77e1a 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -3,6 +3,7 @@
 
 {% set role = grains.id.split('_') | last %}
 {% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
+{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
 
 # Remove variables.txt from /tmp - This is temp
 rmvariablesfile:
@@ -125,6 +126,7 @@ crwazrepo:
   file.absent:
     - name: /etc/yum.repos.d/wazuh.repo
 
+{% if not ISAIRGAP %}
 crsecurityonionrepo:
   file.managed:
     {% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
@@ -137,6 +139,7 @@ crsecurityonionrepo:
     - mode: 644
 
 {% endif %}
+{% endif %}
 
 # Install common packages
 {% if grains['os'] != 'CentOS' %}     
diff --git a/setup/so-functions b/setup/so-functions
index 018bdfac7..8a751a4ad 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -47,8 +47,12 @@ logCmd() {
 airgap_repo() {
 	# Remove all the repo files
 	rm -rf /etc/yum.repos.d/*
-	echo "[airgap_repo]" > /etc/yum./repos.d/airgap_repo.repo
-    echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	echo "[airgap_repo]" > /etc/yum.repos.d/airgap_repo.repo
+	if $is_manager; then
+	    echo "baseurl=https://$HOSTNAME/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	else
+        echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	fi
     echo "gpgcheck=1" >> /etc/yum.repos.d/airgap_repo.repo
     echo "sslverify=0" >> /etc/yum.repos.d/airgap_repo.repo
     echo "name=Airgap Repo" >> /etc/yum.repos.d/airgap_repo.repo
diff --git a/setup/so-setup b/setup/so-setup
index 27a8eee0b..48322f246 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -168,10 +168,8 @@ set_ssh_cmds $automated
 local_sbin="$(pwd)/../salt/common/tools/sbin"
 export PATH=$PATH:$local_sbin
 
-set_network_dev_status_list
 set_palette >> $setup_log 2>&1
 
-
 # Kernel messages can overwrite whiptail screen #812
 # https://github.com/Security-Onion-Solutions/securityonion/issues/812
 dmesg -D
@@ -440,6 +438,7 @@ if [[ $is_helix ]]; then
 fi
 
 if [[ $is_helix || $is_sensor ]]; then
+	set_network_dev_status_list
 	whiptail_sensor_nics
 fi