@Virgo 

Hi Virgo,

this is the basic setup.

Question is how to get the "control LAN" to work and reach in both zones....

IF the SG2218 somehow shows up as target when setting up VLANS, I could create the VLAN 1 (for omadacontrol) on switch#1 as well as on the Router#2. But how does the ER605 deal with VLANS on its WAN, does it even care at all???

  @d0c74 you actually have nice hardware, but I am unsure about the setup. FritzBox is quite popular for ISP's in german speaking countries and many providers offer routers which can work in router mode (this is mode which you use with available dhcp server) as well as there is bridged mode where wireless is mostly disabled in bridged mode and every lan port gets own public ip address. In your case, if you set it into bridged mode, you would connect fritzbox to your er605 router, then switch to er605. As you do have managed switch too, you can do quite a lot of things where those vlans can use different wans, this is very practical especially for those who would like not only isolation with vlan, but also own/separate public ip or even for additional port forwarding in case 65k ports are not enough.

For dhcp, in general it is good if you have only one dhcp server in your network and for you from pic above it should be er605 where you can also configure different dhcp server settings for different vlan's.

1. In short, check first with your ISP provider if you can run it in bridged mode, pptp or anything else where your fritzbox would supply er605's wan ports wit own public address.

2. Connect er605 to fritzbox

3. Connect other switches to er605 (of course you can connect one switch to another too)

That's it, this way you have multiwan, all devices connected to your network can reach each other. I think this would be more elegant way then you have now.

I connected that way several different flats, where those flats had all their own internet connection and wanted to keep using it but all wanted to be in one network as well as have neighbours internet as a backup or load balancer, isolation, ... . Luckily placing those routers in a flat where er605 is located does the work and gets connected, together 3 cable and 1 dsl routers. For cable I had to disconnect flats in building and connected simply 2 additional coax cables which lead to the server room, luckily server room is just on other side of a wall. Before I've set omada it was quite a time consuming work to update/maintenance those things to the point that it was too complicated, now with omada everything is centralized and they have access only to their sites which they can configure if they need to, I even do not need to monitor it, they do it with phone application.