As Edison says, if you use VLAN 1 for any clients then you need to look at option 1.
I would not use VLAN 1 for management; use any other VLAN that is not in use for any clients/servers.
It's difficult to go with either option without a full description of the topology, but I would tend to do all inter-VLAN routing on the switch. This means that the link between the router and the L3 switch would be an L3 point-to-point link. As Edison says, this would waste a whole class C in your addressing scheme, but
1) It needn't if you subnet it down to a /30.
2) It is private addressing anyway, so hopefully you should have enough spare addressing.
I don't think there is a right/wrong way to do this, to be honest.
In general, when doing LAN routing, try to do it on L3 switches since many are often considerably faster than "pure" routers.
You should not need to trunk the VLANs to the router unless you wanted to do another variation for redundancy. A redundancy design would have both your L3 switch and router as HSRP gateways on all VLANs, the L3 switch being primary. If the L3 switch fails, the router would take over inter-VLAN routing. (This only works as long as the router isn't connected to the L3 switch. Also, depending on the physical topology, a trunk alone from the router may be insufficient.)