LAGG with LAN and VLANs

Started by ole, February 01, 2026, 06:51:27 PM

I am trying to rebuild my network. I have an APU 4C4 with OPNsense 25.7: igb0 is LAN, igb1 is WAN, and igb{2,3} are LAGG/LACP 'lagg0_downstream'. This goes to a Cisco switch SG200-8, where g7,8 are configured as LAG chan1 'lagg0_upstream'. All other ports on the SG200-8 are trunk or default. My dumb OpenWrt UniFi AP is connected to this.
In addition, I have configured VLANs 10, 20 and 30 (User, Guest, IoT) on the OPNsense with their own networks, which are placed on lagg0. The LAN cable also goes to the SG200.

Now to the question: I want to put the VLANs and the LAN itself untagged on the LAGG, but so far I haven't been able to do it without locking myself out. The LAN and the 3 VLANs should then go to the UniFi AP on the switch. The other ports on the SG200 would then serve as access ports. I would use the LAN igb0 port that would then be free for the DMZ. Would that make sense, or should I also put the DMZ in a VLAN?

If I also set the LAN 192.168.11.0/24 to lagg0, it is no longer possible to connect to OPNsense's API at 192.168.11.1. Even if I configure g1,g2 on the switch as access ports for VLAN ID 1, there is no longer any access. A network scan of the network shows me all devices except 192.168.11.1.
So what did I not understand or read? Does the switch treat the LAN as tagged with VLAN ID 1, or is there something else?


I made a config similar to yours:
1 port for LAN. On the switch it's an access port with native VLAN 1
1 LAGG of 2 ports (port channel) for VLANs
I had to make the port channel on the switch a trunk port with tagged VLANs and the native VLAN set to a dummy VLAN
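To make the native-VLAN rules behind both posts concrete, here is an added model (not code from either poster, and not a description of the SG200-8's exact implementation) of how a standard 802.1Q switch classifies untagged ingress on a trunk into its native VLAN and what that means for an untagged LAN on lagg0 reaching an access port. Port names, VLAN 999 as the dummy native VLAN, and the AP on g5 are constructed assumptions.

```python
# Added illustration: minimal 802.1Q trunk/access forwarding model for the
# "untagged LAN on the LAGG" question. Assumes the textbook behaviour:
# untagged frames join the ingress port's native/access VLAN, tagged frames
# are accepted on a trunk only for VLANs in its tagged list.
from dataclasses import dataclass, field
from typing import Optional, Set


@dataclass
class Port:
    name: str
    mode: str                 # "access" or "trunk"
    native_vlan: int = 1      # access VLAN, or the untagged (native) VLAN of a trunk
    tagged: Set[int] = field(default_factory=set)  # VLANs carried tagged on a trunk


def classify_ingress(port: Port, tag: Optional[int]) -> Optional[int]:
    """VLAN the frame is placed in on ingress, or None if the switch drops it."""
    if tag is None:
        return port.native_vlan               # untagged -> native/access VLAN of this port
    if port.mode == "trunk" and tag in port.tagged:
        return tag
    return None                               # tagged frame on access port or VLAN not allowed


def egress(port: Port, vlan: int) -> Optional[str]:
    """'untagged' or 'tagged' if the port is a member of vlan, else None."""
    if vlan == port.native_vlan:
        return "untagged"
    if port.mode == "trunk" and vlan in port.tagged:
        return "tagged"
    return None


def forward(ingress_port: Port, tag: Optional[int], egress_port: Port) -> Optional[str]:
    """End-to-end result for one frame: how it leaves egress_port, or None if lost."""
    vlan = classify_ingress(ingress_port, tag)
    return None if vlan is None else egress(egress_port, vlan)


# Constructed topology: OPNsense lagg0 -> switch port channel chan1,
# a client on access port g1 (VLAN 1), the AP on trunk port g5 (assumed).
chan1_native_1     = Port("chan1", "trunk", native_vlan=1, tagged={10, 20, 30})
chan1_native_dummy = Port("chan1", "trunk", native_vlan=999, tagged={10, 20, 30})  # reply's setup
g1_access_vlan1    = Port("g1", "access", native_vlan=1)
g5_ap_trunk        = Port("g5", "trunk", native_vlan=1, tagged={10, 20, 30})

if __name__ == "__main__":
    # Untagged LAN from lagg0 only reaches the VLAN-1 access port when chan1's native VLAN is 1.
    print("LAN untagged, chan1 native 1   -> g1:", forward(chan1_native_1, None, g1_access_vlan1))
    print("LAN untagged, chan1 native 999 -> g1:", forward(chan1_native_dummy, None, g1_access_vlan1))
    print("VLAN 10 tagged, chan1 native 999 -> AP:", forward(chan1_native_dummy, 10, g5_ap_trunk))
```

With a dummy native VLAN on the port channel, the model shows why the reply keeps LAN on its own access port: untagged frames from lagg0 land in VLAN 999 and never reach a VLAN-1 access port, while the tagged VLANs still pass through to the AP trunk.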