I have an untangle box running captive portal. The WAN is bridged with the LAN.
capture rule.JPG
The untangle WAN is connected to a port on a Meraki Router that is an access port on VLAN 10 so that it can't communicate with traffic on other networks. The Meraki router is handing out IP addresses for the VLAN 10.

The untangle captive portal rule is set to capture traffic on the "Internal" interface which is the LAN port bridged to the WAN "External"
real capture rule.JPG

We used to have only 1 Unifi AP which we attached directly to the LAN interface and the captive portal worked properly.
Now, we have 4 Unifi AP's that we need to attach to the one LAN port interface.
Instead of having to purchase a dedicated switch, we have an existing smart switch which I wanted to use some of the ports to create a new logical switch using VLAN's which I could connect the AP's and the Untangle box.

On my unifi swtich I created the VLAN10 network and assigned 5 ports to this VLAN as native untagged. I have the 4 AP's connected to the VLAN ports on VLAN 10, and the untangle LAN/Internal port connected to the 5th port in the VLAN 10 group. The WAN port of the untangle box connects to the Meraki Access Port for VLAN 10 still.

Now, while wireless works and the unifi AP's are able to communicate back to the unifi management dashboard, nothing is getting captured and redirected to the captive page. Users are able to just login and wifi works.

My assumption is that when I put all the AP's and untangle box on the VLAN 10 ports that I would lose the AP's communicating with the unifi dashboard and would have to create an exception for them to not have to authenticate on the captive page. Additionally, I thought that because all traffic would have to go through the LAN/Internal interface on the untangle box to reach the internet, it would get captured. However, it seems nothing is getting captured.

Can anyone tell me what I'm doing wrong here?