Questions about my setup, role of VLANS, using mdns-repeater for Chromecasts?

[surfrock66]

Hi, I'm a brand new opnsense user.  Over the last 6 months I've been converting my residential flat network to one more in line with a learning lab, using managed switches and vlans.  It's more complex than it needs to be, but the driver was teaching myself about more complex networking.

I have an older L3 switch which is the router on my network for my 5 VLANS.  It's a Netgear GSM7312.  It has an interface on each VLAN; the VLANS are /16 (which is bigger than needed, but is the result of a legacy configuration I'm not ready to re-architect).  When deciding on my architecture, I considered moving routing functionality to opnsense; as a result, the connection to opnsense is trunked and is carrying all 5 VLANS, though the LAN port on opnsense is tied to "lagg0_vlan1".  In opnsense I defined a gateway for each of my VLANS pointing to the interface on each VLAN on the L3 switch, then I defined an interface on each of the other 4 VLAN interfaces with roughly the same IP (10._.1.40).  While I didn't specify the gateway in the VLAN interface configuration (since It's LAN I set it to none) but the interface overview shows each interface has the right gateway.

As I understand it, I should be able to access the opnsense firewall from any of those interfaces, right?  As long as I have the web interface listening on them all (it's listening on the 5 LAN interfaces, not the WAN), I thought I should be able to get to it at "10.1.1.40" or "10.4.1.40".  As it is, I can only get to it from 10.1.1.40; the others are unreachable/unpingable.

I ask this because I am hoping opnsense can solve the one thing on my network not working...Chromecasts.  Most user devices are VLAN 4, but things like Chromecast are VLAN 5.  I want to tightly control the traffic between the VLANS as part of my learning journey, and my research says I can do that eventually, but for now at a minimum I need to use a plugin like "mdns-repeater" to allow mDNS between vlans.  Since the firewall isn't doing the routing, my understanding is I need an interface on each VLAN/subnet, then configure the plugin to watch on those interfaces. 

For as wonky as the setup is right now, does this make sense?  Should the VLAN interfaces be reachable, is there something fundamental I'm missing?

[surfrock66]

I figured this out; I didn't have any firewall rules on any of the other interfaces.  For some reason I thought the allow all rule on the LAN interface (to let clients talk out the internet) would cover all interfaces; I simply added a rule on the other interfaces, and the chromecasts woke right up.

IGMP Snooping across the 2 vlans I wanted on the L3 switch, mDNS repeater on the 2 vlan interfaces on opnsense,  good to go.