@RAM Admin wrote:
Interesting, the walled garden on the CP won't let me add the domain or the IP to the whitelist. I keep getting:
Unknown netdestination <ip/domain>
You marked this as solved...it isn't, is it?
Okay.
for the single controller, the ip cp-redirect-address is a private address, right? If you get on your guest network and ping the fqdn on the certificate, does it resolve to that private address?
You should not need to use the whitelist. The whitelist is for external addresses that you want to permit access to prior to authentication. The ip cp-redirect-address should be taken care of by the captive portal ACL, and would not need to be whitelisted.
If you need this fixed sooner, rather than later, please open a support case in parallel so that they can get the detailed informatoin about your network that we cannot ask for here.