psiphone

I'm not sure I understand how Psiphon could achieve that. Psiphon is a comprehensive VPN/SSL/SSH tunneling proxy that is primarily meant to bypass web filtering, such as site blocking used by a lot of schools and corporations.

A captive portal denies all Internet access until you authenticate, redirecting all pre-authenticated Internet access to the login portal. Psiphon should not be effective in bypassing the initial login.

(Of course, there are always techniques to do so-called session hijacking via MAC address  + IP cloning on an open authentication captive portal, which is why Ruckus has other authentication techniques like DPSK or WPA2 Enterprise that prevent users on the same network from being able to intercept their peers' traffic and hence gain the information necessary to hijack their session)

So I just tested this myself and found that Psiphone isn't actually bypassing Guest on our's.  What is happening is it realizes it can get to the Internet over the 4G connection instead and pushes traffic out that.  I verified this by going to whatismyip.com after connecting.