Solution
The group of the guest users was not included in a policy, so they do not fall under the guest account. To give them access, associate their group with a security policy.
Additionally, there is a default group called SSO_Guest_Users. Ensure that group is part of an identity-based security policy to allow traffic.