Strange issue with UNIFI Private Pre-Shared Keys

I have this really strange issue with Private Pre-Shared Keys on my UNIFI setup.


VLAN 1: Default
VLAN 10: Mobile
VLAN 20: IoT

I have 3 UNIFI APs, so I have configured a Profile and set Native VLAN/Network to Default and Tagged VLANs Mobile (10) and IoT (20).

I then enabled the Private Pre-Shared Key option for my wireless network and configured two SSIDs: One for the Mobile (VLAN 10) network and one for the IoT (VLAN 20 ´) network.

I have a pfSense firewall as gateway.

For some strange reason the Apple clients using the Mobile SSID gets IP adresses in the range (from the DHCP server on the Default VLAN 1 network).

I don’t understand how this can happen since I have not even defined an SSID on the APs for the Default network?