hello,
i am quite new to router os and really fascinated by the possibilites provided by hard- and software. i have a network setup consisting of three crs125-24g-1rm at my office, connected to the internet through a pfsense appliance. further, there are a few cap lite for wifi. they are new, i replaced the old openwrt APs (maily, i wanted to try capsman 
for now, everything works like a charm and is perfectly fine.
now, i want to provide guests wifi, too. and there i am struggling a bit with the configuration. all cap lite are wired to the third switch, managed by capsman with datapath to bridge1 (internal, no vlan tagging). starting from the default configuration the switch has ether1-ether8 bound to ether1 as master port, ether9-ether22 are different isolated vlan ports. ether1 is the lan uplink to the second switch, which has an uplink to switch1, which is connected to one of the ethernet ports of the pfsense firewall. the vlan ports are isolated from the internal network, using port tagged vlan with a direct uplink to the pfsense (tagged vlan trunking).
the cap lites are connected physically to ether2-ether6. i want to add a guest network, using vlan tag 200, which is configured at the switch with it’s own bridge vlan-200 and should use the trunked uplink to the pfsense. in capsman, i added another configuration for the guest network, and added these configuration at provisioning as slave configuration. As datapath i chose the bridge vlan-200.
the internal wifi still works fine, but the guest wifi does not work - it’s available and clients are able to connect to the AP, but can’t obtain a IP address or reach any address. I think the problem resides in the switch configuration. As each cap is handled as interface by the switch, do i have to add the caps to the vlan-200 bridge ?