Good day!

I'm setting up some VLANs with a TP-Link router, switch and access point. Setup: Internet --> router --> switch.

I created Vlan2 and Vlan3 with interfaces and acls, but there is also the built-in Vlan1(which I emptied of all ports) with the interface ip 192.168.1.0/24.

Vlan2 and Vlan3 are trunked on port 1 of the switch which is connected to the router to get internet.

Question 1: Let's say I add a Deny All ACL rule for Vlan1, would that break anything generally, but also for my vlan 2 &3? (function, protocols, else..)?

Question 2: Additionally, note that the router has ip 192.168.1.1 and is plugged into the switch having ip 192.168.1.2 (so on the same subnet).

I just can't understand whether or not that makes the router belong to the default Vlan1? On one hand the router has the ip address belonging to the Vlan1 interface, on the other hand, the router is plugged into a port that is TAGGED on my device Vlans. I'm confused.

Hope this was clear and concise, have a good one!