@Houseofdreams_ to put the AP on the MGMT vlan, make VLAN 70 untagged OR leave it tagged and set VLAN 70 as the management VLAN in the AP's configuration.

I'm also curious why you defined MGMT as an interface in Omada.  I would assume that you'd created the interface in pfSense so the Purpose in Omada is VLAN.  All of my networks in Omada are defined as VLANS except the default because I can't delete it. 

In a related note, the only VLAN Interface enabled on my switches is my management VLAN so it can get an IP address and that VLAN is set as the Management VLAN.  You may have a phantom interface or service somewhere, but no haunting.

  @D-C 

A bit of good news, a least today. 

I decided to move the controller back to the 10.10.10.x MGMT lan in pfsense, as the AP allready got a address in that range and the DHCP server started working again. (still no idea why it stopped working / started working again, but hey,it works so....)

Really stable today, no offline/online messages, VLAN's are working, AP is connected... 

Time for another question I'm hoping you have the answer :) 

I configured the switches with the web interface, as I didn't yet find a good (beginners) tutorial, how to do it in the omada controller. When I now adopt the switches in the controller, are all these settings erased and do you need to re-configure them in the controller?

Would be nice if the settings were saved, then I could see how a trunk port is setup in the controller. 

@Houseofdreams_, yes all of the settings are wiped so be sure to make a backup.  It's not practical to import the network device settings into the controller because in an SDN a lot of the configuration items are shared.  Just like how you can configure the WLAN Group once and push to many APs, you can create a "Port Profile" and reuse it too.

Using the diagram you posted, you can create profiles (Site Settings->LAN->Switch Profile) such as television, trunk-pfsense, trunk-default, trunk-tv, lan-device, ip-phone, camera, iot-device, and access-point.  Each unique VLAN config would get it's own profile; many of the other settings can be overridden per port.  I like to create a profile even if it matches the default profile for the VLAN itself because you can't edit the default later if you want to change something.  You can skip some of the profiles in my list (it's just an example anyway) if you choose to use the default.  The Port Profiles can all be created before adopting the switches to minimize downtime too.

Once the switch is adopted, you can just start applying the Port Profiles to each of the switch's ports. For example: Switch 2, Port 13-15 would get the "ip-phone" profile; Switch 1-sfp1 and switch 2 ports 25 would get the "trunk-tv" profile.  The ability to share the profile across ports and accross switches saves a lot of time and reduces configuration errors. 

One word of caution is that when you update a profile that's assigned to a port, that change will be pushed to out to all ports on all switches with that profile when saved.  In standalone mode you could only break one thing at a time, now you can break everything with one click.  Hoep this helps and good luck!

  @D-C 

I would like to thank you for all the support!  For now, I think I will keep the switches outside of the controller, as I'm used to this way of configuring. Maybe later, when I have a bit more time, I will have another go at importing them (maybe just 1 backup switch, to play around with, for testing/learning)

For now, it all works, is stable. Today my 3 new AP's (EAP610's) are coming in, When these are installed and working, wireless coverage shouldn't be an issue anymore :)

Again, thanks for the help!