I just picked up the EAP225 (not Adapter as noted in my selection above), which I am enjoying playing around with.  There is one feature I'd really like to use but for the life of me, can figure it out.  When I enable the VLAN in the EAP225 it locks me out of the admin interface and clients cannot connect to the device.  The only way for me to get back in is to do a factory reset.

Setup - Step 1

• The EAP225 is connected to my Firewalla Gold firewall port 2
• In the Firewalla Gold I created a physical LAN on port 2, starting with IP 192.168.x.x.
• In the EAP225 I created 3 SSIDS:
  • IOT Data in the 2.4GHz
  • IOT Media in the 5GHz
  • A hidden guest SSID in the 5GHz (using the wireless portal)
  • None of the SSIDs are using any advanced settings, radio, load balance, etc.

VLAN - Step 2

• In the EAP225 I tested using the following VLAN IDs (based on instructions from Firewalla FW)
  • IOT Data = VLAN ID 33 (only used for my IOT devices that only work on the 2.4GHz channel)
  • IOT Media = VLAN ID 44 (only used for IOT devices that can work on the 5GHz channel)
• In the Firewalla Gold I configured VLANs also on port 2
  • VLAN 33 named IOT Data
  • VLAN 44 named IOT Media

Testing - Step 3

• When I hit save and try to test everything out I see the EAP225 is online, but refusing connections.

Any advice?  Is there some sort of VLAN number convention I should be using instead of 33 or 44? I basically want to keep my IOT devices separated from my main LAN by using VLAN. In my firewalla, I have a rule so that the EAP225 does not communicate with the main LAN, but if I could do it with the EAP as well, then I know this feature is working as intended.

Thank you!