I used the WLAN wizard to create a new guest network.
I configured it to use a Captive Portal with no authentication.
I have the PFENG license in use.
I have a VLAN IP for this guest subnet.
I have two controllers (Master, Master-Standby).
This guest VLAN is making use of VRRP. So the IP scheme is, as an example, 10.0.100.2/24 (on the primary controller), 10.0.100.3/24 (on the secondary), then both configured to share 10.0.100.1/24 via VRRP.
Master controller IP, as an example, is 10.0.1.2. Master-standby is 10.0.1.3. And VRRP for this management VLAN is 10.0.1.4.
The ip cp-redirect page is 10.0.1.4.
When I connect to this guest SSID with a Captive Portal profile, I get an IP address. The scope is using 8.8.8.8 and 8.8.4.4 for DNS servers.
If I try to go to a webpage, it times out. If I try to use nslookup, it times out. If I do http://1.1.1.1 it'll load the Captive Portal page, then redirect and time out.
I've deleted and recreated this SSID multiple times to no avail.
What am I missing at this point? Why is DNS timing out? All of the local policies in use via the WLAN wizard allow FULL icmp, dns, dhcp, etc. DHCP seems to work, but DNS will not.