Yes, a diagram will certainly help. You are dealing with the overall physical connectivity plus the complications within the IP addressing/subnetting.
If you google "PFSense Diagrams" you will find a wide variety of possible templates - not necessarily a match for your environment per se but will give you a general sense of the big picture involved.
I can see/understand that the tenants are on 10.1.x.x but not sure about the intended purpose of /23 on LAN2 versus /24 on LAN1. Not a criticism - just curious; especially since it failed on PFSense. Isolation of LAN1 from LAN2?
You are also being very generous with the size of the available DHCP ranges in LAN1 and LAN2. Probably not a factor with regards to the problem itself - just that the network probably could not handle that much traffic if all those IP addresses were in use.
Also interested about the WAN being 192.168.0.x and the LANs being in the other private range; i.e., 10.1.x.x The Shaw is issuing 192.168 addresses and the ASUS 10.0.... addresses.
Again, I think a diagram will really help especially if you show all components (wired and wireless) and the subnetted groupings you require. Who can communicate with who, share network resources (if any) and who has internet access or not.
With any luck someone here can take one look at the diagram and say "aha" go do this and that: all fixed.
I am always learning myself: sometimes the hardest part is understanding the problem.......
Will be watching for the diagram. Thanks.