@mati2762 

I was wrong about the VLAN isolation, but not about the closing of ports.

I did successfully close port 80 completely to ME.

It seems that destination ME works fine.

But destination to another IP group, or even LAN network, does not work. I tried many variations, and it simply doesn't work. Definitely a bug.

I tried IP group vlans set manually, and LAN->LAN with say LAN 1 to LAN 4 block, and it does nothing..

There must be some existing rules that have precedence over my rules, which enable inter-lan communication, otherwise I can't explain it.

Not matter what I do, I can only completely block the VLAN off to itself, or it's completely open.  I can't open it to a specific place, like the Internet and block it to other vlans.

After upgrading the firmware and a second reboot, after the update, the firewall rules finally work to block IP ranges between each other!

That was the last try and finally it works.

The first boot after update didn't work, and the firewall GUI was also mostly broken.

I should've upgraded the firmware as soon as I bought it, but I didn't think it would've come with a broken firewall..

  @minks1 

In my case I'm blocking from IOT's Vlan to LAN Vlan using Firewall - Access Control, and is working fine (IOT's Vlan have internet access).

  @minks1 

It is work nice :)