ANSWER: Add the device's IP number in the "Allowed IP addresses" to give it access to and from the captive portal.
Nota Bene: This is also what needs to be done when allowing devices to be accessed outside the LAN, in conjunction with setting up the proper Port and NAT mappings. I almost feel that I should create a thread in the captive portal section just because I'm sure
this particular issue is something many people will run into, without clear reasoning that it is the captive portal acting as a pseudo-firewall.
I'm guessing it is a "bug" or an oversight in the design that the "Pass-through MAC" list doesn't work for this and the "Allowed IP addresses" does. Maybe someone could pass this along to the dev team.
(Reference: http://forum.pfsense.org/index.php/topic,1088.0.html)