Not 100% sure I am understanding your issue/question, but... When an endpoint fails HI, you are placed into the Quarantine Location. Then you use the policies there. In that location you have a FW policy, which is blocking. Same goes for the HI policy: you have another HI policy in quarantine that is getting run separately, sounds like....
Turn on logging for rules in that FW policy in quarantine; note that not all rules log by default, or the log traffic would be high. If there are many clients in this group, create a debug group and place a small number of clients in it. If that is the issue, why being blocked?
P