I have 2 MikroTik wAP-ACs which are connected to a Netgear GS324TP managed switch which is connected to an OpnSense router. ( One AP is at 192.168.1.5, the other @ 1.6 )
I would like the APs to serve both private and guest clients.
Private should ultimately be in VLAN 10 (192.168.10.x), guests in VLAN 90 (192.168.90.x)
I have attached a screenshot of a very initial configuration using (MikroTik Webfig’s) QuickSet, but of course this is at best only going to use one of the available VLANs (I put it all in the 90 for the moment).
What is not clear to me is what has to be done in RouterOS and what has to be done in OpnSense. Ideally OpnSense would provide DHCP so that addresses come from the VLAN pools I will establish.
Any and all help is appreciated. If you could possibly point to how to do it in either Webfig (preferred) or Winbox, thta would be ideal. I’m not hesitant to use the command line, but will have to teach two other people how to maintain this and I was (so far) never able to translate RouterOS commands into useable GUI actions . . .
Also, please let me know if any further information is needed to move this forward more quickly. Thanks!
The wapac are not dumb APs, they, using RoS are rather smart APs.
What you need to do is ensure you establish what is your trusted LAn, in other words the two APs and the netgear smart switch will get their LANIPs on this LAN.
I suspect in your case it will simply be the HOME LAN vlan10
So just use this link to configure the APs, ether1 being the trunk port coming from the switches in each case.
Only need to define vlan 10 with interface bridge as per the example in the link below.
I am back at it this morning after getting a bit distracted with installing some home automation switches yesterday and learning what NOT to do in OpnSense! [ For those of you who might somehow (wrongly) think I believe OpnSense is a panacea! ]
[ For those of you who might somehow (wrongly) think I believe OpnSense is a panacea! 
]