My proposed Setup please comment

[iammike]

Guys,

need your advice.

I am looking to change our network environment at home because of the Solar Inverters we are getting and also family is asking to be allowed to use our Wifi when they come over 

Network layout will look something like this with the OpnSense Firewall only having 2 Ports



Main switch will have these devices connected approx



2nd Switch



3rd Switch



As you can see I am looking to divide it in to VLANS

VLAN 10
- Management
(for example Switches, Main PC)

VLAN 20
- Laptop
- NAS
- WAP (VLAN Aware) for Trusted Devices
- Mobile Devices
- etc

Vlan 30
- Test devices

Vlan 55
- WAP for Untrusted Devices (WAP = VLAN Aware)
- Guest Devices, Mobile Phones etc
- etc

Vlan 65
- Solar Inverters
- etc

I am thinking of using these DHCP ranges

VLAN10   10.125.10.1 - 10.125.10.255 /24
VLAN20   10.125.20.1 - 10.125.20.255 /24
VLAN30   10.125.30.1 - 10.125.30.255 /24
VLAN55   172.25.55.1 - 172.25.55.255 /24
VLAN65   172.25.65.1 - 172.25.65.255 /24

Any comments are more then welcome

TiA

Edit: Switches are all Managed Switches and L2.

[iammike]

And this is the proposed OpnSense Firewall setup

Explanation

10,20,30,55,65 = VLAN ID



Any comments are appreciated