Well, after some trial and error I got it working. I added the ClearPass DB (Postgres) as an Auth Source and figured out where the data I needed was through pgAdmin. The query that worked for me was:
SELECT
    CAST(nas_ip AS VARCHAR) AS prev_nas,
    CAST(attr_value AS VARCHAR) AS prev_port
FROM
    tips_radius_session_log sess
    INNER JOIN tips_session_log_details det ON sess.id = det.session
WHERE
    user_name LIKE '%{Radius:IETF:User-Name}'
    AND det.attr_name = 'Radius:IETF:NAS-Port-Id'
ORDER BY
    sess.timestamp DESC
LIMIT 1
Hope any of you find it useful!
------------------------------
Eric Fahnle
------------------------------
Original Message:
Sent: Dec 27, 2019 02:47 PM
From: Eric Fahnle
Subject: ClearPass authorization based on previous switchport
Hi!
I have a ClearPass deployment with Cisco switches, doing MAC Auth and 802.1x in some cases. Is there a way to detect that a client has moved from one port to another? I've seen this attribute on the Access Tracker (Radius:IETF:NAS-Port-Id) but I cannot compare it to a previous successful authentication.
Please let me know if I wasn't clear enough.
Thanks!
Eric
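
The lookup from the reply above, as an added example that is not part of the original thread: it runs the same query against an in-memory SQLite stand-in with constructed rows and compares the result with the current NAS and port to flag a move. Assumptions: the value ClearPass substitutes for %{Radius:IETF:User-Name} is passed as a bound parameter, and `build_db`, `previous_location` and `has_moved` are hypothetical helper names. It also shows that `LIKE` treats `_` and `%` in the user name as wildcards, so the newest row can belong to a different user, while `=` matches exactly.

```python
import sqlite3

# Table/column names come from the query above; the rows are constructed sample data.
SCHEMA = """
CREATE TABLE tips_radius_session_log (id INTEGER, user_name TEXT, nas_ip TEXT, timestamp TEXT);
CREATE TABLE tips_session_log_details (session INTEGER, attr_name TEXT, attr_value TEXT);
"""
SESSIONS = [
    (1, "j_doe", "10.0.0.1", "2019-12-27 09:00:00"),
    (2, "j_doe", "10.0.0.1", "2019-12-27 11:00:00"),
    (3, "jxdoe", "10.0.0.2", "2019-12-27 12:00:00"),
]
DETAILS = [
    (1, "Radius:IETF:NAS-Port-Id", "GigabitEthernet1/0/5"),
    (2, "Radius:IETF:NAS-Port-Id", "GigabitEthernet1/0/7"),
    (2, "Radius:IETF:Calling-Station-Id", "aabbccddeeff"),
    (3, "Radius:IETF:NAS-Port-Id", "GigabitEthernet2/0/1"),
]
# Same query as in the post; the ClearPass variable is replaced by a bound parameter.
QUERY = """
SELECT CAST(nas_ip AS VARCHAR) AS prev_nas, CAST(attr_value AS VARCHAR) AS prev_port
FROM tips_radius_session_log sess
INNER JOIN tips_session_log_details det ON sess.id = det.session
WHERE user_name {op} ? AND det.attr_name = 'Radius:IETF:NAS-Port-Id'
ORDER BY sess.timestamp DESC LIMIT 1
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO tips_radius_session_log VALUES (?,?,?,?)", SESSIONS)
    db.executemany("INSERT INTO tips_session_log_details VALUES (?,?,?)", DETAILS)
    return db

def previous_location(db, user_name, op="="):
    """Return (prev_nas, prev_port) of the newest matching session, or None."""
    if op not in ("=", "LIKE"):
        raise ValueError("op must be '=' or 'LIKE'")
    return db.execute(QUERY.format(op=op), (user_name,)).fetchone()

def has_moved(db, user_name, nas_ip, port_id):
    """True when a previous session exists and its NAS/port differs from the current one."""
    prev = previous_location(db, user_name)
    return prev is not None and prev != (nas_ip, port_id)
```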