Mikrotik

VLAN settings on mikrotike?

There is a Mikrotik router, its local network is in the factory range 192.168.88.1/24. The Internet comes to the sfp port via optics.
The second local network 172.20.15.1/24 comes to port 8.
I sketched an approximate scheme:

In the second local network there is no dhcp server, and no gateway (router). There are a number of devices there, all devices have static IPs set and they interact with each other.
The task is to make a separate vlan for the 8th port, or if you offer another option, you can do it without vlan.
It is necessary for me that devices from the second network do not receive addresses via dhcp from the local network of Mikrotik, if suddenly there is a device on the second network without an assigned static address. But at the same time, so that the devices from the second network are available when accessing them from the first Mikrotik local network. And also that Mikrotik would give the Internet, in addition to its local network, also a second, neighboring network on port 8. And it was also possible to carry out forwarding from a white, static external address on the sfp port to certain devices on the second network.
I tried the following according to the manuals from the network:
1. Through winbox in Interfaces -VLAN, create a VLAN with the name vlan50 and specify VLAN ID: 50, and in Interface: 8 mirotik port (ether8-slave-local). All other parameters of the created vlan left by default.
2. Further in IP - Addressess I added the range: By specifying address: 172.20.15.1/24 , Network: 172.20.15.0 , Interface: vlan50
3. Further in IP - FireWall - NAT I added the parvilo Chain: srcnat , Src. Address: 172.20.15.0/24 , which, according to the manual, should allow clients to connect to the network.
But it did not give the desired result... Devices from the second network are not visible from the local network of Mikrotik. And also port forwarding does not work on devices from the second network ...