VLAN's drive me crazy

[ubear]

Hello wise and mighty people.
I am using OPNsense for a SOHO environment with TP-Link smart switches such as TP-SG108E.
I have ~50 client machines on the LAN side of my OPNsense.
I have recently got it into my head to use VLAN's and it's driving me crazy:

on OPNsense:
i set up the 3 VLAN's on the OPNsense LAN line.
Base: DHCP is set 192.168.2.100-199 on LAN line
DHCP is set 192.168.40.100-199 on VLAN40
DHCP is set 192.168.50.100-199 on VLAN50
DHCP is set 192.168.60.100-199 on VLAN60

The smart switch is connected to the LAN line:
One trunk  port(8) is assigned to VLAN 40,50 and 50.
port 1 assigned to VLAN 40
port 2 assigned to VLAN 50
port 3 assigned to VLAN 60

Note: TP-link switches will ALWAYS pass VLAN 1 (un tagged packets) to all ports to prevent control lockout.

Problem:
When I connect my laptop to ANY port on the switch, I get the same 192.168.2.100 address.
I expected to connect the laptop to port 1 of the switch and get an IP 192.168.40.100 but got 192.168.2.100

Thoughts: Since the switch passes VLAN1 in any case, perhaps this DHCP server answers first? Can I change the order of DHCP servers?

Thanks
Uri

[Gauss23]

Note: TP-link switches will ALWAYS pass VLAN 1 (un tagged packets) to all ports to prevent control lockout.

I don't think so.

German page, but I think you get the point:
https://znil.net/index.php/VLAN_auf_TL-SG108E_mit_802.1Q_einrichten

You need to change the PVID too.

[ubear]

Thank you VERY much!
That did the trick!

My trust in machines (and people) is restored!

Thanks again
Uri

[Patrick M. Hausen]

Whoever permitted tagged and untagged frames on the same port in 802.1q deserves to be shot.