As previously discussed in-depth in Same SSID, some devices can't get internet despite connecting, we concluded with @psherman that AGH is the main cause of the issue.
Steps to reproduce:
Install AGH following the steps in the official wiki:
Have multiple VLANs on different subnets.
https://openwrt.org/docs/guide-user/services/dns/adguard-home#setup
Issue:
Successful connection to router and also to the internet if connecting on the main VLAN (located at 192.168.1.1). So gets connected to the router, successfully obtaining IP in the proper subnet, 192.168.1.1 (router) as the main gateway, and propgated DNS servers by AGH (which listens on 192.168.1.1) so the DNS servers are set to 192.168.1.1. AGH successfully blocks anything specified and works through the DNS servers (DOH, DOT, DOQ as specified)
Successful connection to the router but NO internet connection if connecting to any other VLAN (located on any other subnet other than 192.168.1.1, so for example on a guest network on 192.168.5.1). Gets connection to the router, gets an IP in the right subnet, the proper gateway at 192.168.1.1, however doesn't get any DNS servers, so no internet access. You can resolve the issue if the client ovewriting of the DNS server to get intenet access, since everything else is in place. For example my Fire TV stick does seem to overwrite the DNS server propgated to it by the router, and it never had an issue connecting to the SSID that was under the guest VLAN, while my phone didn't get the connection since by default it did not overwrite the DNS servers.
How to resolve it:
As said above, you can manually overwrite the DNS server propagated from the router on the client side, then everything is working fine since you already get everything, except the DNS servers.
Uninstalling using the uninstallation script:
https://openwrt.org/docs/guide-user/services/dns/adguard-home#uninstalling
All things go back to normal, DNS is properly propagated on all VLANs.