Monday, December 11, 2017

Is this a VLAN tagging/switch config issue? Unable to ping Router Client, but Client Client works.

I'm having routing trouble that I believe may be a VLAN tagging issue.

Here is the equipment:

192.168.2.0/24 - The LAN
10.42.88.160/27 - Vendor Network

Router (Cisco RV345)
    Port 1 <=> Switch
    VLAN1 untagged 192.168.2.1
    VLAN2 tagged 10.42.88.190

Win10   10.42.88.163
Vendor (Hughes Router)   10.42.88.161

Switch (Cisco SG300)
    Port 10 <=> Win10
    Port 14 <=> Vendor
    Port 18 <=> Router

[ Router ][P#1] <=> [P#18][''''''''|
                          | Switch |[P#10] <=> [ Win10 ]
                          |........][P#14] <=> [ Vendor ]
  • Everything is basically on the VLAN1 subnet, except 5 devices, these 5 devices need to talk with the Vendor device on the VLAN2 subnet. 1 of these devices is internal to the LAN, and is working fine (the Win10 device). The other 4 devices connect to the Router via a Client To Site VPN tunnel (which is working), but they cannot communicate with the Vendor device. I am trying to troubleshoot this issue by verifying the Router can communicate with the Vendor device.
  • All VLAN1 traffic is working fine.
  • Client devices on VLAN1 can ping the Router at both addresses, 192.168.2.1 (VLAN1) and 10.42.88.190 (VLAN2).
  • Win10 can ping the Vendor. This does not hit the router though: Win10 <> Switch <> Vendor.
  • The Router cannot ping Win10 or Vendor.
  • Factory settings on the Switch have all ports listed as Trunk ports, with VLAN1 untagged on all ports.
  • Win10 and Vendor do not need any VLAN1 traffic.
  • There is no CLI access to the Router (there is a console port, but it appears not to be implemented).
  • I believe there is CLI access to the Switch (although I have not accessed it).

I think this may be a VLAN tagging issue, but I have tried various changes to the Switch configuration without success. I'm not familiar enough with VLANs to know what I am doing. As I understand it, Trunk mode on the Switch ports should ignore any VLAN tagging; the Router does not have a Trunk mode option, and VLAN2 is forced into tagging.
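As an added example that is not part of the post, the following Python model shows how an 802.1Q-aware switch decides forwarding from its per-port membership table (untagged VLANs, tagged VLANs and the PVID assigned to untagged ingress frames): a frame is discarded at ingress when it carries a tag for a VLAN the receiving port is not a member of, and discarded at egress when the outgoing port is not a member of the frame's VLAN. The port numbers, VLAN ids and the factory state (all ports trunk, VLAN1 untagged) are taken from the post; `vlan2_config` is a constructed alternative layout used only to contrast the two outcomes, not a configuration from the post.

```python
"""Added example: trace one frame through a switch's 802.1Q membership table.
Port numbers and VLAN ids follow the post; the two layouts are constructed."""
from dataclasses import dataclass, field


@dataclass
class Port:
    """Membership of one switch port, as a managed switch stores it."""
    name: str
    untagged: set = field(default_factory=set)  # VLANs sent/accepted without a tag
    tagged: set = field(default_factory=set)    # VLANs sent/accepted with an 802.1Q tag
    pvid: int = 1                               # VLAN assigned to untagged ingress frames


def classify_ingress(port: Port, tag):
    """VLAN an arriving frame is placed in: the PVID if it is untagged, the tag
    if the port is a member of that VLAN, otherwise None (frame discarded)."""
    if tag is None:
        return port.pvid
    if tag in port.tagged or tag in port.untagged:
        return tag
    return None


def forward(ports: dict, ingress: str, egress: str, tag):
    """Trace one frame from port `ingress` to port `egress`.
    Returns (outcome, vlan) with outcome in
    'drop-ingress', 'drop-egress', 'untagged', 'tagged'."""
    vlan = classify_ingress(ports[ingress], tag)
    if vlan is None:
        return ("drop-ingress", tag)
    out = ports[egress]
    if vlan in out.tagged:
        return ("tagged", vlan)      # leaves with an 802.1Q header
    if vlan in out.untagged:
        return ("untagged", vlan)    # tag stripped, plain Ethernet to the host
    return ("drop-egress", vlan)


def factory_config(names=("p10", "p14", "p18")):
    """Factory state described in the post: every port trunk, VLAN1 untagged only."""
    return {n: Port(n, untagged={1}, pvid=1) for n in names}


def vlan2_config():
    """Constructed alternative (not from the post): VLAN2 tagged towards the
    router on p18, VLAN2 untagged with PVID 2 towards the two hosts."""
    return {
        "p18": Port("p18", untagged={1}, tagged={2}, pvid=1),
        "p10": Port("p10", untagged={2}, pvid=2),
        "p14": Port("p14", untagged={2}, pvid=2),
    }


if __name__ == "__main__":
    for label, cfg in (("factory", factory_config()), ("vlan2", vlan2_config())):
        # Router's VLAN2 sub-interface sends a tagged frame towards Win10
        print(label, "router->Win10 (tag 2):", forward(cfg, "p18", "p10", 2))
        # Win10 sends an untagged frame to the Vendor device (never reaches the router)
        print(label, "Win10->Vendor (untagged):", forward(cfg, "p10", "p14", None))
        # Win10 sends an untagged frame towards the router port
        print(label, "Win10->router (untagged):", forward(cfg, "p10", "p18", None))
```

Running the block prints the three traces for each layout. With the factory table, an untagged frame between the two hosts is carried in VLAN1 regardless of IP subnet, which is consistent with a host-to-host ping succeeding while a tagged VLAN2 frame from the router is discarded at the switch port; the membership table of a managed switch can be compared against this model before looking at routing.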

This was working previously, but the Switch and Router were replaced to upgrade to Gigabit Ethernet (for a different vendor). The previous Switch was a dumb/unmanaged switch. The previous router was a Cisco ASA. The ASA config shows a single VLAN (VLAN1) for the LAN, a separate VLAN (VLAN2) for the WAN interface, and a VLAN (VLAN3) with no interface or IP assigned - it appears to be unused to me.

Here is a snippet of the ASA running-config output:

interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 mac-address xxxx.xxxx.xxxx (x's = mac obfuscated)
 nameif inside
 security-level 100
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address xxx.xxx.xxx.xxx 255.255.255.248 (x's = IP address obfuscated)
!
interface Vlan3
 no forward interface Vlan1
 nameif dmz
 security-level 50
 no ip address
!
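As an added example, not from the post, the following Python parser reads the ASA `interface` stanzas quoted above, maps each physical port to its access VLAN and each `VlanN` SVI to its name, security level and address, and lists SVIs that have neither an address nor a port assigned. `ASA_CONFIG` is the snippet from the post, with the poster's obfuscation notes kept so the parser shows how to skip them; the `default_vlan=1` fallback for ports without a `switchport access vlan` line is the ASA 5505 default and is an assumption of this example, not something the post states.

```python
"""Added example: parse ASA 'interface' stanzas and summarise VLAN usage.
ASA_CONFIG is the snippet quoted in the post (obfuscation notes included)."""
import re

ASA_CONFIG = """
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 mac-address xxxx.xxxx.xxxx (x's = mac obfuscated)
 nameif inside
 security-level 100
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address xxx.xxx.xxx.xxx 255.255.255.248 (x's = IP address obfuscated)
!
interface Vlan3
 no forward interface Vlan1
 nameif dmz
 security-level 50
 no ip address
!
"""

# The poster's "(x's = ... obfuscated)" annotations are not part of ASA syntax.
NOTE_RE = re.compile(r"\s*\(x's = [^)]*\)")


def parse_interfaces(text):
    """Return {interface name: [config lines]} for every 'interface' stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = NOTE_RE.sub("", raw).strip()
        if not line or line == "!":
            continue
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif current is not None:
            stanzas[current].append(line)
    return stanzas


def port_vlans(stanzas, default_vlan=1):
    """Access VLAN of each EthernetX/Y port; ports with no
    'switchport access vlan' line fall back to default_vlan (assumed: VLAN 1)."""
    result = {}
    for name, lines in stanzas.items():
        if not name.startswith("Ethernet"):
            continue
        vlan = default_vlan
        for line in lines:
            m = re.match(r"switchport access vlan (\d+)$", line)
            if m:
                vlan = int(m.group(1))
        result[name] = vlan
    return result


def svi_summary(stanzas):
    """For each 'interface VlanN': nameif, security-level and IP (None if unset)."""
    result = {}
    for name, lines in stanzas.items():
        m = re.match(r"Vlan(\d+)$", name)
        if not m:
            continue
        info = {"nameif": None, "security-level": None, "ip": None}
        for line in lines:
            key, _, value = line.partition(" ")
            if key == "nameif":
                info["nameif"] = value
            elif key == "security-level":
                info["security-level"] = int(value)
            elif line.startswith("ip address "):
                info["ip"] = line[len("ip address "):]
        result[int(m.group(1))] = info
    return result


def unused_vlans(stanzas):
    """VLAN ids whose SVI has no IP address and no physical port assigned."""
    ports = port_vlans(stanzas)
    return sorted(v for v, info in svi_summary(stanzas).items()
                  if info["ip"] is None and v not in ports.values())


if __name__ == "__main__":
    s = parse_interfaces(ASA_CONFIG)
    print(port_vlans(s))
    print(svi_summary(s))
    print("unused VLANs:", unused_vlans(s))
```

On the quoted snippet this yields Ethernet0/0 in VLAN 2 (the `outside` SVI), the other seven ports in VLAN 1 (the `inside` SVI at 192.168.2.1/24), and VLAN 3 (`dmz`) with neither an address nor a port, which matches the reading given in the post.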

Thanks for any help!
