Firewalla Gold and Synology RT2600AC Guest Network in AP mode, super simple fix

Hi All:

I wanted to share some information about using a Synology RT2600AC as an AP with Firewalla Gold, because it's not very intuitive (to me) or clearly documented (since Synology UI doesn't "really" support VLAN, and certainly doesn't make a clear way to send guest wifi traffic out of a different LAN port.).

The good news, it seems, is that a simple VLAN setup on Firewalla Gold has this technicality addressed in about 3 minutes.

Basically, left to its own devices, if you setup the RT2600AC into AP mode, the Guest Network creates its own network outside of the Firewalla network.  While this works for internet access, it being outside the Firewalla's monitoring and management kind of defeats the point of having the Firewalla.  Also, the UI for this is terrible on the Synology - to alter the IP values for this DHCP server, you have to take your Synology back into router mode, make the changes, and then put it back into AP mode.  This is crazy, and there is no way that I can find to disable the DHCP server on the guest wifi network.

A really simple fix was, on Firewalla, to setup a VLAN in network manager with VLAN ID 1733 and apply it to all 3 physical LAN ports.  1733 is the VLAN tag that Synology uses for its guest wifi network. 

This seems to have correctly captured the Synology guest network traffic (and devices), and now the Synology is using the Firewalla for DHCP vs its own DHCP (I think).  I have the RT2600AC connected via ethernet directly to the Firewalla Gold, and I have a satellite Synology MR2200AC with a wired backhaul that goes through two unmanaged switches before it gets to the Firewalla.  Devices connected to the WiFi Guest network on both the Synology MR2200AC and RT2600 are working correctly and displaying in Firewalla as being on the VLAN.

Anyone who has any builds on this, please let me know - I am a dummy when it comes to networking - but this seems to work in my situation, and seems like a super easy fix for an otherwise rather difficult technical problem.  Hope this helps!