Creating an ACL to allow access to a printer that is on one VLAN in the EAP...

a week ago - last edited Yesterday
Tags: #ACL #Gateway
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.3.0 Build 20250826 Rel.41004

Hope you're all well.

 

I have several VLANs on my EAP with different subnets. I need a VLAN belonging to a Wi-Fi printer to be accessed by another VLAN where the clients are located.

 

Printer VLAN = 2.4GHz
Client VLAN = 5.0GHz

 

I created an ACL on the client network for printer access. I can ping it, but it won't print.

I created an additional ACL on the printer network for client access. I ran the same test, but nothing.

I can only print when I connect the client to the same network as the printer.

 

If I'm pinging, the ACL is allowing it; I should be printing. I only see the printer going offline.

 

What am I doing wrong?


 

ADDITIONAL DETAILS - 1

 

The networks have some peculiarities.

 

[ SSID - 2G Printer ]
Guest Network = Disable
LAN = 192.168.10.0 / 29
Prohibit Wi-Fi Sharing = Enable
WPA Mode = WPA2-PSK / AES

VLAN: 71

 

[ SSID - 5G Client ]
Guest Network = Enable
LAN = 192.168.5.0 / 28
Prohibit Wi-Fi Sharing = Enable
WPA Mode = WPA2-PSK/WPA3-SAE / AES

VLAN: 70

 

[ ACL - VLAN 70 - Deny LAN to LAN ]

Type: Gateway

Direction: LAN -> LAN

Policy: Deny

Protocols: All

Source: VLAN 70

Destination: Others, except 71.

 

[ ACL - VLAN 71 - Deny LAN to LAN ]

Type: Gateway

Direction: LAN -> LAN

Policy: Deny

Protocols: All

Source: VLAN 71

Destination: VLAN 70 and others.

 

[ ACL - Allow VLAN 70 to Printer ]

Type: EAP

Policy: Permit

Protocols: All

Source: VLAN 70

Destination: IP group Printer. <- Created this group for the printer IP - 192.168.5.4

 

I remembered something that happened to me, even before updating to the new firmware version of the controller and even the router.

I remember an IoT device couldn't work with the 192.168.7.0 / 29 network. I couldn't understand the limitation and couldn't find an explanation anywhere else. When I changed it to 192.168.7.0 / 28, the device was able to use the SSID - IoT.

 

I haven't tested it yet, but if anyone has any information, it would be helpful.

 

 

ADDITIONAL DETAILS - 2

 

I also tried disabling the Guest Network on the client VLAN, but the result was the same.

And in response to my friend, I also tried creating a Group to only report the printer's IP address.

Re:Creating an ACL to allow access to a printer that is on one VLAN in the EAP...-Solution
Thursday - last edited Yesterday

  @Artur.Aragao 

Thank you for your post. You can try configuring mDNS to see if it resolves the issue. Please add all networks as both Service Network and Client Network. Here is the configuration guide for your reference: How to configure mDNS via Omada Controller

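The behaviour discussed above (ping crossing from VLAN 70 to VLAN 71 while printing still fails, and what an mDNS reflector changes), as an added model in Python that is not part of the original posts or of any Omada code: the VLAN 70/71 subnets come from the post, while VLAN 72's ID for the 192.168.7.0/28 IoT network and the reflector logic are assumptions.

```python
# Added example (not from the thread, not Omada code): why a gateway
# permit ACL lets ping cross VLANs but does not make a Wi-Fi printer
# discoverable, and what an mDNS reflector changes. VLAN 72's ID is
# assumed; the reflector is a simplification, not the ER605's own logic.
from ipaddress import ip_address, ip_network

VLANS = {
    70: ip_network("192.168.5.0/28"),   # 5G client SSID
    71: ip_network("192.168.10.0/29"),  # 2G printer SSID
    72: ip_network("192.168.7.0/28"),   # IoT SSID, VLAN ID assumed
}
MDNS_GROUP = ip_address("224.0.0.251")  # link-local multicast, TTL 1

def vlan_of(ip):
    """VLAN whose subnet contains ip, or None."""
    for vid, net in VLANS.items():
        if ip_address(ip) in net:
            return vid
    return None

def gateway_allows(src_vlan, dst_vlan, acls):
    """First-match LAN->LAN gateway ACL evaluation, default permit.
    Only the initiating direction is checked (return traffic stateful)."""
    for acl in acls:
        if acl["src"] == src_vlan and dst_vlan in acl["dst"]:
            return acl["policy"] == "permit"
    return True

def deliver(src_ip, dst_ip, acls, reflector_networks=()):
    """Set of VLANs a packet from src_ip to dst_ip reaches.
    Routed unicast is subject to the gateway ACLs; mDNS to 224.0.0.251 is
    never routed and stays on the source VLAN unless a reflector lists it."""
    src_vlan = vlan_of(src_ip)
    if src_vlan is None:
        return set()
    if ip_address(dst_ip) == MDNS_GROUP:
        # Reflector copies the query to every listed VLAN, never to WAN
        return set(reflector_networks) if src_vlan in reflector_networks else {src_vlan}
    dst_vlan = vlan_of(dst_ip)
    if dst_vlan is None:
        return set()
    if dst_vlan == src_vlan or gateway_allows(src_vlan, dst_vlan, acls):
        return {dst_vlan}
    return set()

# The post's VLAN 70 rule: deny LAN->LAN to every network except 71
ACLS = [{"src": 70, "dst": set(VLANS) - {71}, "policy": "deny"}]
```

Sample addresses such as 192.168.5.5 (client) and 192.168.10.3 (printer) are constructed; unicast to the printer is delivered, the discovery query is not until VLANs 70 and 71 are both in the reflector list.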
Re:Creating an ACL to allow access to a printer that is on one VLAN in the EAP...
Thursday - last edited Friday

  @Ethan-TP

 

 

My dear.

Thank you for your kindness.
I'd like a more comprehensive explanation, if that's not too much trouble.

In my logic, if I'm enabling communication between the media (VLANs), no additional services would be necessary, since tunneling between them is functional.

 

One additional point.

I've been trying to understand more about mDNS, and this has caused me concern.
Some say it's just the mDNS reflector, and it's not working properly. Unfortunately, I haven't tested it yet because I had a busy day. I'm sorry I didn't answer this adequately.

And I saw in some posts on Reddit that enabling mDNS as a reflector activates it on all interfaces, including the WAN, and that would be quite bad. Could you confirm this?

Another detail: they say the best way to use mDNS is as a repeater, but then it would be applied on a separate server.

I'll try to run these tests later, but I'm VERY concerned about having to enable this on the WAN interfaces.

Re:Creating an ACL to allow access to a printer that is on one VLAN in the EAP...
Yesterday

  @Artur.Aragao

 

I'm back here to report my success with this case.

 

I still need to understand a few things, and I think the people here will be able to explain better.

 

Before applying mDNS, which was the only thing that resolved the printing issue, I tried allowing access between VLANs 70 and 71 and VLANs 71 and 70, but nothing worked.

 

Analyzing the context of the mDNS rules, I decided to initially apply mDNS at the AP level. The logic was quite clear to me. VLANs 70 and 71 are used by SSIDs, so communication would be effective for this type of access. It didn't work.

 

I created another rule in mDNS, but this time for the Gateway. I didn't understand it. I had to delete the previous one because the gateway option wasn't enabled. Great, let's go!

Rule created, I waited a bit, ran the test, and finally the printer did what was expected. Now I can block LAN-to-WAN on VLAN 71.

 

I'm a bit unsure and even inclined to test it later. Would this feature work even though I've blocked LAN-to-LAN and LAN-to-WAN networks on both VLANs? I really didn't want VLAN 71 to be open, but logically, I see that I should allow it.

 

I'm truly grateful to everyone who contributed to this.

 

In all my years in this vital industry, this is the first time this has happened to me. You must know woodpeckers around here. Amazing design. LOL

I want to continually improve the security level with my ER605 V2. Sometime in the future, God willing, I plan to buy an Omada with IDS/IPS and WLAN SFPs. I want to learn more.

 

Omada has been a very enjoyable experience, and sometimes nerve-wracking. I really wish there were more hardware diversifications for small and medium-sized businesses. Don't forget that's where they started. From nothing to what they are today.

 

I wanted to see hardware designed for virus inspection, in addition to the IDS/IPS. Suddenly, a device designed to be an add-on to the gateway.
