
Cisco ISE - Avoid users blocked account in AD

SupportAC
Level 1

Is it possible for Cisco ISE to block or filter authentication attempts between the Wi-Fi device and Active Directory after a certain number of failed attempts, in order to prevent those attempts from reaching AD and prevent account lockouts?

We've detected that when corporate Wi-Fi users change their password, if they keep the old credentials on their phone, the device continues to attempt to authenticate with them until the account is locked. How can we mitigate this in Cisco ISE?

3 Replies

Dustin Anderson
VIP Alumni

Bit buried, but Admin -> Settings -> Protocols -> RADIUS

Suppress repeated failures. This will open the options when checked. Keep the duration in mind, as I have not found a way to remove someone suppressed until it times out.


davidgfriedman
Level 1

I believe I know of 3 ways to bypass endpoint rejection before the suppression timeout occurs.

1. If an endpoint is truly rejected, you can release it under Context Visibility->Endpoints. Look it up, click the checkbox, and see if the Release Rejected option is grayed out or clickable. It is on the same line as the refresh circle, the add / edit / delete buttons, and the Import/Export endpoints pulldowns.

2. You can also check / release it using the API documentation on your PAN: https://PAN/ers/sdk See the API documentation->End Point section, calls ReleaseRejectedEndpoint and GetRejectedEndpoints. I just had an issue the last time I tested it (2.7 maybe?) where GetRejectedEndpoints didn't paginate properly, so I didn't trust the list it sent back to me (at that moment we were working with teams to sort out rejections, and it was more than the API could return on one page of results).

3. Navigate to Administration->System->Logging->Collection Filters. In that section, add your MAC Address as an Attribute->MAC Address with the Filter Type->Bypass Suppression. It allows a bypass for the default time period, which I believe is 60 minutes. When that time period has passed, it automatically changes from enabled to disabled. However, it stays on that list until manually deleted. So, if you use it often here, you'll have to manually clean up any suppression bypasses you had created on this screen.

Regards,
David
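The ERS calls from David's second option, as an added example (not David's code and not Cisco's own SDK): a small client that lists the rejected endpoints and releases one by MAC address. The resource paths (`GET /ers/config/endpoint/getrejectedendpoints`, `GET /ers/config/endpoint?filter=mac.EQ.<MAC>`, `PUT /ers/config/endpoint/<id>/releaserejectedendpoint`) are written from the ERS SDK as I remember it and must be checked against the SDK page on your own PAN (https://PAN/ers/sdk); the host, account and environment variable names are placeholders. Because the pagination David describes was not trustworthy, the client walks every `nextPage` link in the `SearchResult` instead of taking only the first page.

```python
"""Release a rejected endpoint in Cisco ISE through the ERS API (added example).

Assumed ERS resources (verify against https://<PAN>/ers/sdk on your deployment):
  GET  /ers/config/endpoint/getrejectedendpoints         -> rejected endpoint list
  GET  /ers/config/endpoint?filter=mac.EQ.<MAC>          -> endpoint id for a MAC
  PUT  /ers/config/endpoint/<id>/releaserejectedendpoint -> release it
The account needs the ERS Admin role and ERS must be enabled on the PAN.
"""
import base64
import json
import ssl
import urllib.request
from typing import Callable, Dict, List, Optional

# (method, url, json body or None) -> parsed JSON body ({} for an empty reply)
HttpFn = Callable[[str, str, Optional[dict]], dict]


def normalize_mac(mac: str) -> str:
    """ISE stores endpoint MACs as upper-case, colon-separated octets."""
    digits = "".join(c for c in mac if c.isalnum()).upper()
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class IseErsEndpoints:
    def __init__(self, host: str, user: str, password: str,
                 http: Optional[HttpFn] = None, verify_tls: bool = True) -> None:
        self.base = f"https://{host}/ers/config/endpoint"
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        self.headers = {"Authorization": f"Basic {token}",
                        "Accept": "application/json",
                        "Content-Type": "application/json"}
        self._ctx = ssl.create_default_context()
        if not verify_tls:  # lab use only: many PANs still run a self-signed cert
            self._ctx.check_hostname = False
            self._ctx.verify_mode = ssl.CERT_NONE
        self._http: HttpFn = http or self._urllib_http  # injectable for testing

    def _urllib_http(self, method: str, url: str, body: Optional[dict]) -> dict:
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(url, data=data, method=method, headers=self.headers)
        with urllib.request.urlopen(req, context=self._ctx, timeout=30) as resp:
            raw = resp.read()
        return json.loads(raw) if raw else {}

    def _search_all(self, url: str) -> List[Dict]:
        """Follow SearchResult.nextPage until exhausted, so a long rejected
        list is never silently truncated to the first page of results."""
        resources: List[Dict] = []
        seen = set()
        while url and url not in seen:  # guard against a server that re-links page 1
            seen.add(url)
            result = self._http("GET", url, None).get("SearchResult", {})
            resources.extend(result.get("resources", []))
            url = (result.get("nextPage") or {}).get("href")
        return resources

    def rejected_endpoints(self) -> List[str]:
        """MAC addresses currently held in the rejected state."""
        url = f"{self.base}/getrejectedendpoints?size=100&page=1"
        return [r["name"] for r in self._search_all(url)]

    def endpoint_id(self, mac: str) -> Optional[str]:
        hits = self._search_all(f"{self.base}?filter=mac.EQ.{normalize_mac(mac)}")
        return hits[0]["id"] if hits else None

    def release_rejected(self, mac: str) -> bool:
        """True if the endpoint exists and a release was issued, False if unknown."""
        ep_id = self.endpoint_id(mac)
        if ep_id is None:
            return False
        self._http("PUT", f"{self.base}/{ep_id}/releaserejectedendpoint", None)
        return True


if __name__ == "__main__":
    import os
    import sys
    # Placeholder environment variables; ISE_PAN is the PAN hostname or IP.
    ise = IseErsEndpoints(os.environ["ISE_PAN"], os.environ["ISE_USER"], os.environ["ISE_PASS"],
                          verify_tls=os.environ.get("ISE_VERIFY_TLS", "1") == "1")
    if len(sys.argv) == 2:
        print("released" if ise.release_rejected(sys.argv[1]) else "endpoint not found")
    else:
        for mac in ise.rejected_endpoints():
            print(mac)
```

Releasing the endpoint only lifts the ISE-side hold; the phone will go straight back to presenting the stale password, so fix the saved credentials on the device before releasing it, or the AD lockout the original poster is trying to avoid simply recurs.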

Suppression should work, but IMO, it's the wrong tool for the right job.

Under the Advanced Settings of the AD connection, you find the option "Prevent Active Directory User Lockout". There are restrictions, but if these don't match your use case, it's the way to go.