Guest user captive portal redirection issue

singhsukdeep
Level 1

Problem with guest user captive portal redirection.

Looking for help with the WLC.

Guest user -> Cisco AP -> WLC -> ISE

- This problem is happening at one particular site. The captive portal at other sites is working properly from the same ISE server.

- The captive portal is not opening automatically on the guest client PC.

- When I enter the captive portal URL manually in the guest PC browser, it works. However, automatic redirection to the captive portal is not happening.

On the WLC side, I ran debugs, and below is the information I got.

IP address is getting assigned to guest user:

*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 Plumbing web-auth redirect rule due to user logout
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 192.168.150.71 WEBAUTH_REQD (8) NO release MSCB
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 Assigning Address 192.168.xxx.xxx to mobile
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 DHCP success event for client. Clearing dhcp failure count for interface power-guest_100.
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 Initiating Accounting request(0) update for mobile
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 PemLocationConfigured [1]Adding VSA with NAS update and Role[1] with state[0]

Communication with ISE is also happening:

pemReceiveTask: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 192.168.150.71 Added NPU entry of type 2, dtlFlags 0x0
*aaaQueueReader: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 radiusServerFallbackPassiveStateUpdate: RADIUS server is ready 10.252.yyy.zz port 1813 index 2 active 1
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 radiusServerFallbackPassiveStateUpdate: RADIUS server is maybe-ready 10.252.xxx.yy port 1813 index 3 active 1
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 NAI-Realm not enabled on Wlan, radius servers will be selected as usual
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Send Radius Acct Request with pktId:148 into qid:1 of server at index:2
*apfReceiveTask: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Recieved MS IPv4 Addr= 192.168.xxx.yy
*apfReceiveTask: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Recieved IPv6 addresses count: 1
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Sending the packet to v4 host 10.252.yyy.zz 1813 of length 346
*pemReceiveTask: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Sent an XID frame
*apfReceiveTask: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Updating MS IPv6[1] Addr= fe80:0000:0000:0000:2018:38ff:fe6e:c409
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Successful transmission of Accounting-Start (pktId 148) to 10.252.xxx.yy:1813 from server queue 1, proxy

*radiusTransportThread: Feb 29 11:43:15.296: [SA] 22:18:38:6e:c4:09 Counted 0 AVPs (processed 20 bytes, left 0)
*radiusTransportThread: Feb 29 11:43:15.296: [SA] 22:18:38:6e:c4:09 Accounting-Response received from RADIUS server 10.252.xxx.yyy (qid:1) with port:1813, pktId:148

 

*apfMsConnTask_1: Feb 29 12:18:47.395: [SA] f0:d5:bf:fe:a4:a2 Scheduling deletion of Mobile Station: (callerId: 20) in 10 seconds
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Received SGT for this Client.
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 SGT is not applied, sgtLen 0, sgt_stringp 0x1c3ec843
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 AAA Override Url-Redirect 'https://mgwgp.power.com:8442/portal/gateway?sessionId=8b807e9a000053bf65e09fe2&portal=a3cc6225-905d-4ced-acdf-bc72593301be&action=cwa&token=f
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Redirect URL received for client from RADIUS. Client will be moved to WebAuth_Reqd state to facilitate redirection. Skip web-auth Flag = 0
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Resetting web IPv4 acl from 0 to 255

*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Resetting web IPv4 Flex acl from 65535 to 65535

*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 AAA Override Url-Redirect-Acl 'CWA_powerGuest' mapped to ACL ID 0 and Flexconnect ACL ID 65535
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Applying Fabric vnid override for client f0:d5:bf:fe:a4:a2, client->reap 1 ,over bits 100100,isover FALSE
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 override for default ap group, marking intgrp NULL
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Applying Interface(power-guest_900) policy on Mobile, role Local. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 100
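
Added example, not part of the original post: a small Python parser that groups the debug lines above by client MAC and reports which stages of the redirect flow each client's excerpt actually shows. The stage names and the five-line sample (copied from the output above) are choices made for this illustration.

```python
import re

# Constructed sample: five lines taken from the debug output quoted in the post.
SAMPLE = """\
*DHCP Socket Task: Feb 29 11:43:15.079: [SA] 22:18:38:6e:c4:09 Assigning Address 192.168.xxx.xxx to mobile
*aaaQueueReader: Feb 29 11:43:15.080: [SA] 22:18:38:6e:c4:09 Successful transmission of Accounting-Start (pktId 148) to 10.252.xxx.yy:1813 from server queue 1, proxy
*radiusTransportThread: Feb 29 11:43:15.296: [SA] 22:18:38:6e:c4:09 Accounting-Response received from RADIUS server 10.252.xxx.yyy (qid:1) with port:1813, pktId:148
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 Redirect URL received for client from RADIUS. Client will be moved to WebAuth_Reqd state to facilitate redirection. Skip web-auth Flag = 0
*apfReceiveTask: Feb 29 12:18:47.620: [SA] f0:d5:bf:fe:a4:a2 AAA Override Url-Redirect-Acl 'CWA_powerGuest' mapped to ACL ID 0 and Flexconnect ACL ID 65535
"""

# "*task: Mon DD HH:MM:SS.mmm: [SA] <mac> <message>"; the leading '*' is optional.
LINE = re.compile(
    r"^\*?(?P<task>[^:]+): (?P<ts>\w{3} +\d+ [\d:.]+): \[\w+\] "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<msg>.*)$")

# Stage label (chosen for this example) -> pattern matched against the message text.
STAGES = {
    "ip_assigned": re.compile(r"Assigning Address (\S+) to mobile"),
    "acct_start": re.compile(r"Successful transmission of Accounting-Start"),
    "acct_response": re.compile(r"Accounting-Response received"),
    "redirect_url": re.compile(r"Redirect URL received for client from RADIUS"),
    "redirect_acl": re.compile(
        r"Url-Redirect-Acl '([^']+)' mapped to ACL ID (\d+) and Flexconnect ACL ID (\d+)"),
}

def summarize(text):
    """Return {client_mac: [(timestamp, stage, captured_groups), ...]}."""
    clients = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank, truncated or unrelated line
        for stage, pat in STAGES.items():
            hit = pat.search(m["msg"])
            if hit:
                clients.setdefault(m["mac"], []).append((m["ts"], stage, hit.groups()))
    return clients

def missing_stages(clients):
    """Stages never seen per client, i.e. what a longer capture still has to show."""
    return {mac: set(STAGES) - {s for _, s, _ in ev} for mac, ev in clients.items()}

if __name__ == "__main__":
    result = summarize(SAMPLE)
    for mac, events in result.items():
        for ts, stage, detail in events:
            print(mac, ts, stage, detail)
    for mac, gaps in missing_stages(result).items():
        print(mac, "not seen:", sorted(gaps))
```

Run against the excerpts above, it shows that the DHCP/accounting lines and the redirect lines belong to two different client MACs captured about 35 minutes apart, so neither excerpt covers one client's flow end to end.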

 

 

5 Replies

marce1000
VIP

 

- Have the client debugs further analyzed with Wireless Debug Analyzer, preferably with a longer trail. Also look into: https://logadvisor.cisco.com/logadvisor/wireless/9800/9800CWA
  For a summarized view of client issues, have a look at: https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/217738-monitor-catalyst-9800-kpis-key-performa.html#anc5

  Check out the 9800 WLC configuration too, using the CLI command show tech wireless, and feed the output from that into Wireless Config Analyzer.

- Check the 9800 WLC controller software version; advising to go for 17.9.5 and check again.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '

PradeepSingh
Level 1

Do you have HTTPS intercept enabled in the webauth parameter map?

Try to disable http and https service on controller using 'no ip http server' and 'no ip http secure-server'.

JPavonM
VIP

DO NOT DISABLE both http and https server in WLC otherwise it won't work.

This seems to me like a DNS issue. Are all sites using the same DNS? Do the APs at all sites use the same WLC?

This could also be a client-side issue. Is that happening to specific device types?

Thanks for the suggestion.

No, the WLCs are different for every site. The other sites are working, except one.

Regarding the DNS issue: when I enter the captive portal URL manually in the guest PC browser, it works. However, automatic redirection to the captive portal is not happening. Do I still need to check anything on the DNS side?

Can you share the WLC model and version it is running on?

Have you tried different client or a mobile device to test?

Have you checked the "Redirection to the Guest Portal Does not Work" section from the link?

If the same config on other WLCs is working, you can compare the configs and see if you are missing any required config.

Jagan Chowdam

/**Pls rate useful responses**/
