Thank you. Appreciate the thorough response. I’m not completely there with understanding yet. I’ll have to add a DHCP-client to “WAN” interface and a DHCP-server to “LAN” interface as those are the L3 points (nothing special there). However, you talk about interface lists. Can’t you refer to the interface names themselves in firewall rules instead of indirectly via a list? I understand if you have more than one interface in a specific VLAN, lists are a convenience.
ps: I’ve removed the entire default FW-config (and broke IPsec in the process as it doesn’t agree with fast track).
/interface/vlan
add name=LAN interface=bridge vlan-id=200
add name=WAN interface=bridge vlan-id=100