Solved: Re: Customizing High Authentication Latency Alarm

paul · ‎11-20-2018

I am doing RADIUS MFA for some of my use cases. The RADIUS timeouts when doing MFA are long because you need to allow users to do the MFA. The problem is I am getting high authentication latency false positives because ISE sees the 12 second response time from the MFA server as a problem even though it is completely normal.

I don't know of a way to suppress this alarm for just one external RADIUS server. Is there?

I think my only options are to disable the alarms or increase the max authentication latency for the alarm, both of which aren't appealing.

Timothy Abbott · ‎11-20-2018

There isn't the ability to suppress the alarm for one server today. Like you stated, the only other options are to modify the alarm or disable it.

Regards,
-Tim

View solution in original post

Timothy Abbott · ‎11-20-2018

There isn't the ability to suppress the alarm for one server today. Like you stated, the only other options are to modify the alarm or disable it.

Regards,
-Tim

paul · ‎11-20-2018

Thanks for the quick response Tim. I figured I wasn't missing anything, but thought I would do a double check.

bruce.javid · ‎09-19-2019

Hi, We are having similar issues with ISE server 2.4 Patch 9

is there any actual fix for it?

florian.nolting · ‎04-15-2026

We just set up MFA for certain use cases in our deployment and I'm wondering if there is a solution today other than globally increasing the threshold for the "high authentication latency" alarm or even disabling it? We're using ISE 3.3 Patch 8