This is my understanding (i'm not a super hacker):
Wireless can only work if the network (interface) you assign it to is assigned directly to a bridge. (as far as I know)
From what I can see, you aren't doing any tagging on any port, so there's zero reason to use vlans.
- You can just make a bridge with lan1 and lan2 in it (basically just remove lan3 and lan4 from br-lan)
- Make another bridge with lan3 and lan4 in it (eg br-iot)
- Assign the 'personal' interface to br-lan, and the 'iot' interface to br-iot
- Assign your wireless to whichever one
If you want to stick with using vlans, basically, you can put a bridge ontop of a bridge. E.g..
- Make a bridge eg call it switch0 assign all ports to it
- Configure the filtering as you like (eg lan1 and lan2 are vlan20, lan3 and lan4 are vlan 30 etc) for switch0
- Remove all the ports from br-lan, add port switch0.20
- Make bridge called br-iot, add switch0.30 as the port
- Assign the 'personal' interface to br-lan, and the 'iot' interface to br-iot
- Assign wireless as you choose
I'm not sure if you should actually use the name switch0 but the idea is there.
Second way is to use all one bridge and I kinda go over it here VLANs issues on OpenWRT v24.x.x - #10 by ssosipov, essentially, you make an unmanaged interface, set it to use the bridge with everything in it including the wireless device of the network (that you add in manually) what I don't say in my post there is you can actually do this pretty easily because it lets you name the wireless device for each network, so it's actually really easy to then add them in manually as ports of the bridge and untag it onto whatever network you like in the filtering. Then you set the wireless to use that, but you set up the interfaces as you'd expect with the bridge.id.