Yes it turns out there was a bug on the PSN, the PSN wasn't sending out the entire cert chain, all we had to do was reboot the PSN and it fixed the issue...when it doubt, turn it off and on again :)
I dont think its the captive portal itself thats the issue, android devices seem to be fooling the controller into getting a response from a cisco site that is clearly not in the redirect url, see the below link:
https://socifi-doc.atlassian.net/wi...
No unfortunately this didnt work, see the attached logs, no matter what I do, androids are bypassing the web auth acl and thinking they are online?? (the below acl also allowed dns...that was removed for testing...that isnt the issue)
...the more u...
I have this same issue, even before the user gets past the web redirect acl, the controller is proxying connections to connectivitycheck.gstatic.com and replying to the client /generate_204 which tells the client its not behind a captive portal...so ...