Old topic, but I’m in the same boat. I have pretty much the same setup as the OP: a pfSense router with the Frontier ONT plugged directly into it obtaining an IP, and a Ubiquiti 24-port PoE switch with all ports configured with VLANs: LAN/Default-10, Cameras-20, IoTDevices-30, Filtered-40 (kids, DNS filtering and other future blocking plans), Unfiltered-50 (adults, friends, etc.), and OpenVPN-60. I’m factory resetting all my devices to put them on the IoTDevices SSID, or plugged into ports on the switch with VLAN 30 (just an Amazon Firestick and Chromecast on my living room TV with Ethernet adapters).
I’ve read the ENTIRE internet (feels like it) and can’t get this thing working reliably. I followed your videos setting it up, Tom (thanks, by the way), but it’s still acting flaky. Sometimes when responding to a query I initially get “there was a glitch”, or I’ll look at a Hub Max and it’ll say disconnected from internet, then it’ll connect up quickly. Sometimes I can see all my casting devices no matter what subnet I’m on from a Google Chrome window, choosing the “Cast” setting under the three dots; sometimes I can’t. I can never see, cast, or select settings with them in the Google Home app unless I’m on the same SSID they are on. Seeing how some of my house will be on Filtered, and some on Unfiltered, I really would like to get this to work. I’ve tried just an allow-all rule on all networks, but even that doesn’t seem to work reliably.
All the posts I’ve read are at least a year old, even more, so it looks like it works reliably for most, but I just can’t get it. I must be missing something. I’ve had several friends VPN in to try to tweak things, but no go so far. I know some posts I’ve read state you need to open some UDP ports and such with Avahi; I’ve tried those, but the wide-open rule with Avahi disabled should work, I would think.
Any help or ideas would be very helpful. I’ll post screenshots or logs of whatever you need. TIA for any help.