Help with openwrt as a 3rd party gateway for setting vlans on usw lite 8 poe managed switch

EDIT: Sorry for the lack of embedded media here, this is a new account so I am limited in that area and had to post my screenshots as links instead.

I'm trying and failing to pass some VLANs from my 3rd party gateway, a device running OpenWrt acting as both a router and firewall, to my USW Lite 8 PoE switch. I can't get any VLAN to work other than the default VLAN for untagged traffic; anything else doesn't connect to the network. I posted for help on the UniFi forum as well, though that would be more in the scope of the UniFi switch side of things. Any assistance with my VLAN configuration on my OpenWrt router would be appreciated.

First, I have a bridge device containing all of the vlans as shown below.

My bridge device contains 3 vlans:

  • VLAN ID 4: Used for guest networks.
  • VLAN ID 3: IOT network
  • VLAN ID 99: LAN network

The Unifi switch is connected through the physical port lan2, which has tagged traffic for VLAN IDs 4 and 3 and untagged traffic goes through VLAN 99 which is the main LAN. lan1 is connected to a raspberry pi that is running the unifi controller server.

Below is an example of the configuration I use for iot with br-lan.3. The guest interface using br-lan.4 uses ipv4 range 10.0.4.1/24 and the lan interface uses br-lan.99 in 10.0.0.1/24.

Screenshot 2025-06-29 at 09-45-42 OpenWrt - LuCI|690x367

I also set the firewall zones here:

Screenshot 2025-06-29 at 09-46-16 OpenWrt - LuCI|690x306

I tested using wireless on the openwrt router that the vlans work, that dhcp assigns ip addresses in the correct subnet range, etc. Now on to unifi. I set the vlans corresponding to the openwrt 3rd party gateway that I set up earlier.
Screenshot 2025-06-29 at 09-41-20 UniFi Network|689x311

Now going to the switch, I've tried testing 1 port with my laptop to see if it picks up on the different networks by blocking all VLAN tagging and trying every single VLAN but nothing is picking up except for the default vlan.

Screenshot 2025-06-29 at 09-42-09 UniFi Network|356x500

Someone has already pointed out that I didn't post my uplink configuration in my initial post on the UniFi forum so here that is as well. I'm assuming Default VLAN falls back on the untagged vlan on port 2 (VLAN ID 99, br-lan.99) of my openwrt device because it doesn't like using VLAN 99 in any case and dhcp works as it would with my LAN interface and is accessible from devices on the main LAN connected wirelessly.
Screenshot_of_uplink_port|464x500

There is no official guarantee that tagged + untagged on the same port will work.
A lot of devices do, but some don't.

I didn't look at the screen grabs, as the primary thing we need to see is your complete config in text form. And, just in case it isn't clear from the configuration, is this OpenWrt the gateway for your entire network or being used for some other purpose?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
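
The redaction step requested above can be scripted. This is an added example, not part of the original thread or of OpenWrt; the function names `redact_config` and `sample_config`, the placeholder strings, and the list of secret-bearing option names are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# Redact OpenWrt config text read from stdin before posting it publicly.
redact_config() {
    awk -v q="'" '
    function keep(ip,   o) {   # 1 = private/reserved address, left as-is
        split(ip, o, ".")
        return (o[1]+0 == 10 || o[1]+0 == 127 || o[1]+0 == 0 ||
                (o[1]+0 == 172 && o[2]+0 >= 16 && o[2]+0 <= 31) ||
                (o[1]+0 == 192 && o[2]+0 == 168) ||
                (o[1]+0 == 169 && o[2]+0 == 254) ||
                o[1]+0 >= 224)  # multicast and netmasks such as 255.255.255.0
    }
    BEGIN {
        h   = "[0-9A-Fa-f][0-9A-Fa-f]"
        mac = h ":" h ":" h ":" h ":" h ":" h
        ip4 = "[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+"
        # Assumed, non-exhaustive list of option names that hold secrets.
        sec = "^[ \t]*option[ \t]+(key|password|private_key|preshared_key)[ \t]+"
    }
    {
        if (match($0, sec)) {          # keep the option name, drop the value
            print substr($0, 1, RLENGTH) q "REDACTED" q
            next
        }
        gsub(mac, "XX:XX:XX:XX:XX:XX")
        out = ""; rest = $0
        while (match(rest, ip4)) {     # walk every dotted quad on the line
            addr = substr(rest, RSTART, RLENGTH)
            out  = out substr(rest, 1, RSTART - 1) (keep(addr) ? addr : "PUBLIC-IP")
            rest = substr(rest, RSTART + RLENGTH)
        }
        print out rest
    }'
}
sample_config() {   # constructed sample, not taken from the thread
    cat <<'EOF'
config interface 'wan'
	option macaddr '02:00:5e:10:00:01'
	option ipaddr '203.0.113.7'
	option netmask '255.255.255.0'
config interface 'lan'
	option device 'br-lan.99'
	option ipaddr '10.0.0.1'
config wifi-iface
	option key 'correct horse battery'
EOF
}
sample_config | redact_config
```

Pipe each command's output through it, for example `cat /etc/config/network | redact_config`, and read the result before posting, since secrets stored under option names outside the list pass through unchanged.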