Just load the same cert for the captive portal on each controller and then use that name (securelogin.acme.com) in the ClearPass Guest page
But if you don't want to do that then you will need to do the following:
* Create two user roles
* Create two captive portal profiles each pointing to a different captive portal page in ClearPass
* And in clearpass you will need to do a policy where you need send the user-role based on the NAS-IP