@NewbAdmin 

The RADIUS is not necessary for your home setup. This might go in the wrong direction. 

RADIUS is about the AAA authentication, authorization, and accounting.

If you simply need a trunk, which is the term for multiple VLAN on a single port, you could configure it as a VLAN trunk on the ports.

See the guide: 

How to Configure VLAN on TP-Link Switch

Common Questions About 802.1Q VLAN

Management VLAN can coexist with other VLANs. That's a different guide:

How to configure Management VLANs for Omada Switches and APs (for Business scenario)

  @Clive_A Thanks for the response. I really appreciate the time you took to offer feedback. However, I'm not asking if it is necessary; I'm asking if it is possible. A big part of the purpose of my home environment is to gain practical experience, and I'm modeling it as closely as I can after an enterprise environment.

I have static trunks set up where absolutely necessesary. A static trunk is not necessary for an AP since none of my other infrastructure depends on it to stay up.

I bounced this off of one of the infra guys at work, and he said there's no reason this wouldn't work unless the vendor doesn't support it, or unless I have some misconfiguration or am missing something. Does the vendor support it?

-Newb

  @NewbAdmin 

If you ask me if this switch supports RADIUS, and dynamic VLAN, yes, it does.

Configuration Guide on Dynamic VLAN with the VLAN Assignment function of RADIUS

  @Clive_A I have successfully configured dynamic VLAN assignment for 1 VLAN at a time, but that's only part-way to my end goal. I also need to be able to set additional tagged VLAN IDs that are associated with SSIDs the APs host.

The end result should look like this port that I set up manually (see below), but I haven't had any success getting the same result using NPS.

---------------------------------------------

 PVID: 6
 Acceptable frame type: All
 Ingress Checking: Enable
 Member in LAG: N/A
 Link Type: General
 Member in VLAN:
 Vlan    Name            Egress-rule
 ----      -----------         -----------
 6         N/A                Untagged
 30       N/A                Tagged
 20       N/A                Tagged

---------------------------------------------

Will the switch and/or Omada accept/interpret multiple VLAN IDs from the RADIUS server? Again, the goal is for me to be able to plug in an AP to any random port on the switch and let RADIUS do all the work of setting up the link between the switch and the AP. That includes putting the AP on the management VLAN and ensuring all traffic from the wireless networks is able to traverse that link. As you put it earlier, I am trying to set up a trunk link. I just don't want to do it manually any time I need/want to move an AP to another port.

I hope that adds some clarity.

-Newb

  @Clive_A 

I guess I'll take another go at clarifying what I'm trying to do.

I'm asking if there is a supported syntax for the Tunnel-Private-Group-ID (RADIUS attribute 81) that will allow an Omada switch to dynamically assign multiple simultaneous tagged VLANS to a switch port.

I checked in with the Ubiquiti community forum to see how UniFi products handled this sort of thing. They very concisely told me that UniFi doesn't support this. Is that true for Omada as well?

-Newb