After much trial and tribulation I'm looking towards the experts who hopefully might be able to help me in my predicament.
Here's what I have:
1 x ER-X
1 x UAP-AC-LR
1 x TP-Link 8 port Smart switch
1 x TP-Link 5 port Smart switch
The ER-X acts as my router, obviously, and for the sake of argument, it is currently in the 100% default state after running the standard wizard where eth0 is the WAN connected to the modem and eth1-4 are joined to the switch0 interface.
A pic to show what I have...
Image may be NSFW.
Clik here to view.
Now I have these networks/VLANs in mind:
VLAN10: Utility
VLAN20: IoT
VLAN30: Restricted
I'd will definitely have devices slated for the 'restricted' VLAN that exist both in the XenServer -- so physically wired in with XenServer have virtual NICs assigned to the relevant VLAN -- as well as be on Wireless so essentially the VLAN needs to be available across both places. Same for the IoT side...some hard wired, some wireless.
In my journey to get this set up, I tried removing eth1 from the switch0 interface and then created the VLANs on eth1 (so eth1.10, eth1.20, etc). I was able to successfully get the trunks set up on the switches as well so that servers built in Xen could successfully get a DHCP address on the right VLAN and then my office desktop was getting an address on the default LAN network as expected too. Hardwired its realy been no problem at all...
Wireless on the other hand, or at least extending the VLAN to the UAP so a hardwired and wireless client appear to exist on the same network, has been my problem.
I really feel like I might be overthinking this and the answer is staring me right in the face but Im too blind to see it but I've hit my limts of understanding how to set this up with the ERX and Unifi Controller. Yes technically I could just attach the UAP to one of the switches but its not optimal for how my devices are physically set up to be honest and right now my UAP is running of the PoE injector I have on the ERX.
So....long story short, any guidance on how I might properly set this up when starting from a basic WAN+LAN config?