I'm looking for my AHA moment as I just don't seem to understand the terminology in the settings of this switch.

I have a router on Vlan 1 which is 10.10.0.1/24 with a static address of 10.10.0.91

I also have this switch on Vlan 1 at 10.10.0.90

I have my general network on Vlan 10 which is at 10.10.10.1/24

I have a IOT network on Vlan 20 which is at 10.10.20.1/24

I have an additional network on Vlan 30 which is at 10.10.30.1/24

I have a static route with destination of 0.0.0.0/0 with next hop of 10.10.0.91  Interface Name VLAN1

This should give access from Vlan10, 20 and 30 the the router for internet access, Right?

This should NOT allow ANY other access from one Vlan to another, Right?

BUT!  From Vlan 10, I can ping ANY device on ANY Vlan, with the exception of the switch at 10.10.0.90.  WHY?

I added