Yet another Netgear M4300 VLAN routing scenario discussion

Hello there,

I hope you're doing fine and I'd like to thank you for reading this. I've read multiple discussions on this matter but haven't gotten the hang of it quite yet I'm afraid. Let's get into it then, shall we.

The following is my scenario with a customer. We have an office location which is directly connected via an MPLS like (warning, it's not MPLS) ISP connection to a rented rack in a datacenter. For some reason I haven't figured out yet and the ISP couldn't tell me why, VLANs are taken from packets send through this connection. Therefore it looks like I can't use VLANs on the firewall which is placed in the datacenter to manage the network in the office, the firewall cannot act as a gateway to those VLAN clients.

We don't have many VLANs in the office, only one or two, for this discussion the important one is the phone VLAN 10. The pbx acts as DHCP server on VLAN10, IP phones will be connected to Netgear M4300-52G POE switches. IP phones and the pbx itself should be allowed traffic to the internet and traffic from default VLAN1 to phone VLAN10 should be allowed (and managed through firewall if possible) as well.

I've attached a diagram of the network to this post to clear things up. It should be simple. Create routing interface for VLAN 10 on the POE switches, give VLAN clients the switches routing interface as gateway, configure a static route on the firewall for VLAN10 with the switches management IP as gateway. Do I need a default route on the POE switch though? The POE switches management adress is not seperated from the default VLAN1 normal network so creating a default route to the firewall results in an error saying that the default route cannot be in the same subnet as the management IP.

I'd appreciate some pointers (literally every help to get my thoughts going) if you have questions please don't hesitate to ask I'll get back to you as soon as I can with as much detail as I can provide.

Kind Regards