Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2105
Views
10
Helpful
7
Replies

Difference between suppress & reject Cisco ISE?

Go to solution
Mottok
Level 1
Level 1

‎09-11-2018 02:54 AM - edited ‎07-05-2021 09:09 AM

Hi, can anyone tell me exactly what the difference between suppress and reject is please? Because when you look at the info it says 'Suppress' is to supress from audit logs AND to reject, and to reject is to reject......eh??

 

Can't find much on interweb either.

 

Any help appreciated thanks.

 

ISE.JPG

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ammahend
VIP
VIP
In response to Mottok

‎10-15-2018 08:09 AM

Suppress as per your config means if the client has failed authentication 2 times in 5 minutes, then don't report failure in logs everytime the client failed after first 2 times, only report it every 15 minutes once.

Reject as per your config means after total 5 failures, don't process client request for authentication for 60 minutes.

 

-hope this helps-

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Mottok
Level 1
Level 1

‎10-15-2018 04:38 AM

Hi - anyone able to answer the above? Thanks.
0 Helpful

Go to solution
Mottok
Level 1
Level 1
In response to Aravind Ravichandran

‎10-15-2018 06:30 AM

Ok thanks, so it basically looks like the suppress keeps it out of logs and reject actually stops/rejects authentication. Just the supress part which is badly worded in the "i" info section.
0 Helpful

Go to solution
Aravind Ravichandran
Level 3
Level 3
In response to Mottok

‎10-15-2018 06:41 AM - edited ‎10-15-2018 06:42 AM

Yeah Suppress will reduce the repeated logs & reject will stop the failed authentication of endpoint for mentioned time period.

 

Thanks,

Aravind

-Aravind

Go to solution
Mottok
Level 1
Level 1
In response to Aravind Ravichandran

‎10-15-2018 06:47 AM

yeh it's just that last sentence about the suppression that was confusing me, it looks as if this could reject too. Thanks all.

 

Supress.JPG

0 Helpful

Go to solution
ammahend
VIP
VIP
In response to Mottok

‎10-15-2018 08:09 AM

Suppress as per your config means if the client has failed authentication 2 times in 5 minutes, then don't report failure in logs everytime the client failed after first 2 times, only report it every 15 minutes once.

Reject as per your config means after total 5 failures, don't process client request for authentication for 60 minutes.

 

-hope this helps-
0 Helpful

Go to solution
Mottok
Level 1
Level 1
In response to ammahend

‎10-15-2018 08:13 AM

Was looking for a nice simple answer and that's it thanks!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card