Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SonicWall NetExtender Core Isolation "Damaged Version" PowerShell Script


I've run into this issue a lot and got tired of manually fixing the core isolation issue detailed here:

I made a script to automate the process in powershell and thought I would share as it's very annoying to do this by hand across multiple computers.

I suggest reading the script before just blindly running it. While this script works flawlessly in my environment it may not work in yours. I take no responsibility, just sharing for those of you who are keen enough to use it. You're responsible for your own environment.

Pastebin Link:

Raw Powershell Code:

#Script to automate most of the items in

#Check for Administrator privileges and if not, open powershell as admin and rerun the script

Write-Host "Checking for elevated privileges" 

If (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")) {

Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs



# Set the working location to the same location as the script

Write-Host "Setting Working Directory to Script Root"

Set-Location $PSScriptRoot

#  Install 7zip module

Write-Host "Installing 7Zip Module for PowerShell"

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Install-PackageProvider -Name NuGet -MinimumVersion -Force

Set-PSRepository -Name 'PSGallery' -SourceLocation "" -InstallationPolicy Trusted

Install-Module -Name 7Zip4PowerShell -Force

#download cleaner tool from

Write-Host "Downloading SonicWall NetExtender Cleaner Tool"

$url = ""

$output = "$PSScriptRoot\"

Invoke-WebRequest -Uri $url -OutFile $output

#download installation file from

Write-Host "Downloading SonicWall NetExtender Installation"

$url = ""

$output = "$PSScriptRoot\NetExtender.msi"

Invoke-WebRequest -Uri $url -OutFile $output

#Extract files from

Write-Host "Extracting files from"

Expand-Archive -Path "$PSScriptRoot\" -DestinationPath "$PSScriptRoot" -Force

Write-Host "Extracting files from NxCleaner.7z"

Expand-7zip -ArchiveFileName "$PSScriptRoot\NxCleaner.7z" -TargetPath "$PSScriptRoot"

# Uninstall SonicWall

Write-Host "Uninstalling SonicWall NetExtender"

Uninstall-Package -Name "SonicWall NetExtender" -Force -ForceBootStrap

# Disable Core Isolation

Write-Host "Disabling Core Isolation"

Set-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" -Name "Enabled" -Value 0

# Run NetExtender Cleaner Tool

Write-Host "Running SonicWall Cleaner"

Start-Process -FilePath "NxCleaner.exe" -Verb RunAs

# Remove NetExtender VPN Folder

Write-Host "Removing SonicWall folder"

Remove-Item -Recurse -Force "C:\Program Files (x86)\SonicWall"

# Remove Registry Entries

Write-Host "Removing Registry Entries"

Remove-Item -Path "Registry::HKEY_CURRENT_USER\Software\SonicWall\" -Recurse

Remove-Item -Path "Registry::HKEY_LOCAL_MACHINE\Software\SonicWall\" -Recurse

Remove-Item -Path "Registry::HKEY_USERS\.DEFAULT\SonicWall\" -Recurse

Remove-Item -Path "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SonicWall\" -Recurse

# Change NoInteractiveServices from 1 to 0

Write-Host "Changing Registry to allow Interactive Services"

Set-ItemProperty -Path "Registry::HKEY_Local_Machine\System\CurrentControlSet\Control\Windows" -Name "NoInteractiveServices" -Value 0

# Commenting out removing NetExtender.MSI since we're installing manually

# Reinstall SonicWall NetExtender

# Write-Host "Installing SonicWall NetExtender"

# Start-Process ./NetExtender.msi -Wait

#Clean up files

Remove-Item -Force "$PSScriptRoot\"

Remove-Item -Force "$PSScriptRoot\NxCleaner.7z"

Remove-Item -Force "$PSScriptRoot\NxCleaner.exe"

# Remove-Item -Force "$PSScriptRoot\NetExtender.msi"

Read-Host -Prompt "Please Reboot your system. Press Enter to exit"

Category: VPN Client
Sign In or Register to comment.