Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Guest portal not working with ClearPass server on separate VLAN

  • 1.  Guest portal not working with ClearPass server on separate VLAN

    Posted Dec 11, 2014 04:16 PM

    I am trying to get my guest portal to work. It is on VLAN 2 and my ClearPass server is on VLAN 1.
    I have a controller on both VLAN 1 and 2. I have tried setting up an ACL on my switch to allow the traffic back and forth. I have created a firewall rule, as our firewall acts as our default gateway and routes our internal traffic. That still doesn't work either. I am unable to get the logon to work with the portal. Any help would be great!



  • 2.  RE: Guest portal not working with ClearPass server on separate VLAN

    EMPLOYEE
    Posted Dec 11, 2014 04:39 PM

    Does the controller have an IP address in the user/client subnet?



  • 3.  RE: Guest portal not working with ClearPass server on separate VLAN

    Posted Dec 12, 2014 09:25 AM

    Yes, the controller has an IP on the VLAN 1 side where the ClearPass server is and an IP address on the VLAN 2 side. The controller is the DHCP server for the VLAN 2 side as well. I thought creating a route at the gateway/firewall would work, but it didn't. If it doesn't see it locally it will send it to the gateway, and I had a rule there, but that didn't work. I also had an ACL on the switch to pass traffic between the controller VLAN 2 IP and the ClearPass VLAN 1 IP, but it occurs to me as I am writing this that the guests on VLAN 2 need some sort of access to the ClearPass server, since that is where the authentication comes from as well as the guest portal.

    How do I get the controller to route the traffic then, or am I going about this all wrong?

    I need to have the guest access on a separate VLAN for how our firewall is set up.