Unable to Use Guest Wifi in AP Mode and a Switched Wired Backhaul

Hi, 

Thank you all for the replies.

Given that VLAN tagging is a 26 year old protocol (IEEE 802.1Q), and that it should be quite easy to implement the software given hardware that clearly supports it, I'm left to wonder why they chose something that I feel is a lot more complicated. Further, it seems this was supported in previous Orbis. This could not have come from the engineering department.

For now, I've temporarily removed the switch in between the Orbi and the satellites even though the manual clearly shows this is supported.  I am able to have the guest network working by using the 10Gbps LAN port and a 2.5Gbps LAN port to connect to the satellites. But this solution is one 10Gbps LAN port short of being acceptable. I bought this for 10Gbps support.

Kurt: are you saying that there is a layer 3 hack that I can implement on a different switch that could make this work? Then I might get a the Mikrotik CRS-304 to replace my layer 2 5-port switch. 

Given the directions of some of the comments I feel the need to make some clarifications about my use case.

a) This is for a home, not a business. I want simplicity, 10Gpbs, low latency and a large coverage area. 

b) I came to chose the Orbi 970 series system because it was the only one that has a 10Gbps backhaul that I could find. This network will be used for gaming, AV, local file transfers, uncompressed video and future proofing applications such as virtual reality. So high speed and low latency switching are factors in this choice. Solutions such as Unifi Wifi 7 have 2.5Gbps wired backhaul.  That takes the 7 out of Wifi 7, I'm not sure why anyone using Unifi for Wifi doesn't stop at Wifi 6e. I read 168 page Orbi manual from cover before buying (which is easier than it sounds, there is a lot of repetition) and I felt informed that it met my needs. The good reviews were also a factor.

c) The small switch after the Orbi RBE971 was not there originally. I have a couple of professional layer 3 switches taking care of everything in my network but I had to add the switch after a number of lengthy support calls to Netgear. My regular Wifi was not working on the satellites, let alone the Guest network.  Turns out Orbi has other limitations on the wired backhaul due the non-standard proprietary nature of their mechanism. I don't know the exact reason as details were not provided. But from what I deduce you need to have something in place that looks like a hardwired Minimal Spanning Tree or else the Orbi system can't deal with it. Even the regular Wifi SSID wouldn't work. So the switch was added. But then that breaks the Guest Network due to the 192.168.2.X business. I do not know of any product that Netgear makes that is comparable (small, fanless full 10Gbps switch). The most powerful I've seen is the Mikrotik CRS304-4X at $199 which has layer 3 features and 3 redundant power supplies. So I can't really get a Netgear switch, it doesn't exist as far as I can tell. I saw netgear M4350 at ~$4700 switch that came close though. But at that price, even if it did...

d) The Firewalla Gold Pro is an extremely capable device targeting the home user such as myself. I can even get rid of my Unifi Cloud Key (or a Dream machine) by running Unifi Network in a container on its OS. It is a wonderful device and I don't have to spend hours configuring it like my two layer 3 switches. I can't say enough about it, let's not underestimate it. 

Thanks.