The VLANs should be in seperate zones, as the devices in the different VLANS should not communicate witch each other. The Zones are needed because the zones will later recieve more comprehensive rules. The firewall zones are as follows:
Now the Problem is that if the two VLANs (intranet and isolated) are in seperates zones, the devices in isolated zone do not recive an IP from the DHCP. If there is no zone seperation, it works.
Your current setup seems to have a configuration issue. The first two VLANs must remain assigned to the LAN and WAN physical interfaces as outlined in the screenshot below.
Selected the correct physical interfaces in the Physical Settings tab.
Once these configurations are in place, you can assign the VLANs to separate firewall zones and apply the required rules to ensure they operate independently as intended.