Captive Portal failed when if a machine used by multiple users

Question

Recently I am testing the Captive Portal feature on Sophos XG Firewall (VM). 
 I have enabled Captive Portal on LAN interface which connected to a sigle Macbook that has multiple local profile for different users. 
 However I found out that when User A authenticated on Captive Portal then switch local account on Macbook. Surprisingly User B can re-use the authentication session of User A to browse the internet not even need to authenticate on Captive Portal. I suspect the reason because both local account on Macbook also receive the same IP address from DHCP in Sophos firewall. 
 Is there anyway to have both users authenticate separably even they are using the Macbook?

Michael Dunn · Accepted Answer

Under Authentication \ Services. Redirect to a URL after login should be checked. URL to redirect is the User requested URL Preserve captive portal after login is Yes Use keep alive to maintain user session is Enabled. 
 
 On the client, may sure you are not blocking pop-ups (or have exception that allows from XG) 
 Browse somewhere. You should get a captive portal login. Log in. It should open up a new tab with your destination. You should now have a tab to Captive Portal saying you are logged in, plus another to do your browsing. You should be able to browse. Close the captive portal tab. Try to browse - you should now for forced to log in again. 
 Basically, your login will only last as long as that tab is open and there is a keepalive to the XG. 
 
 Now try with the Mac. Have the captive portal currently logged in tab open. Switch users. 
 Try to browse using new user. 
 
 AFAIK because the previous tab (in the background user) is not doing a keep-alive it should think there is no current user and Captive Portal should appear. 
 
 Note: This is what happens in Windows. I've not tested in Mac.