I am running into an issue where I have a successful authentication with clearpass guest, user connects to guest SSID --> redirect to captive portal --> user successfully is authenticated, assigned roles and enforcement policies. However, the enforcement policies access tracker shows that the output of the radius request is to switch user vlan to 400, when looking on the controller this doesn't happen the user stays in the default vlan.