[3141pi]

I have been looking at the Netgear Nighthawk X4S R7800 router.

I currently have a Netgear AC1450 with DD-WRT.

I use PIA as my VPN.

My AC1450 is NOT setup for PIA.

I have numerous devices - phones, laptops, PCs and Roku.

The PC is a wired connection and I use the PIA app and plan on using it going forward.

What I would like to do is be able to allow some devices to use the VPN and other devices (such as Roku) to not use a VPN but just connect using my ISP (Cox).

Also - we need to get some medical devices which are requiring us to hookup (IoT) to the net.

I would like to restrict those IoT devices to Guest access only - either VPN or just through our ISP.

I think I need two routers.

One like the AC1450 for ISP Guest (iOT) and non-Guest (Roku) access and one router (R7800) to handle VPN (phones, laptops) and Guest VPN (IoT).

No one is a gamer in our environment.

I don't know if the R7800 is the right router - it looks quite capable but I don't know if this configuration is possible.

I don't think I am technical enough to do this (although I'd give it a try) so I don't know if there is a service that could do this.

I should also add I am trying to future proof myself as much as possible. I am getting to the age where I don't want to try and keep messing with this stuff.

I do have a high speed connection - 150Mbps.

Any thoughts?

[bushant]

My guess is the 1450 is capable of installing and handling PIA OVPN. It's pretty easy to set up. Then everything you are trying to do can be handled through Policy Based Routing on VPN setup page.
The 7800 is one of the most capable routers on the market IMHO. R7500V2 also. If they won't do it nothing will.

EDIT: Port Forwarding (if needed) is a bit of a hassle to set up for PIA VPN on router but can be done.

[Per Yngve Berg]

The R7800 can do it all.

If you need more than 4 wired ports, you can add a switch or your old router as an AP (3+3 ports. 2 ports used for the router to router link)

Policy Based Routing can be used to decide which devices uses the VPN.

[securedparty]

What I have done with a secondary router is set that up as the VPN router.

If the AC1450 is your main router and gateway with IP ending in .1,

and the R7800 is your secondary router running VPN with IP ending in .2

then manually config the devices to use address ending in .2 for their gateway.

No need for scripts, just set the device gateway manually.

[sweatbee]

I do what you are trying to do on my r7800

Two lan ports are bridged with primary wireless network and the other two ports are bridged with the guest wireless network.

The primary network is protected by PIA VPN using policy based routing. The guest network (lan and wireless) does not go through the VPN. It's used for Rokus, Amazon Echos, smart switches.

Here are the links to my journey in getting it set up.

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=313472&highlight=

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316103&highlight=

Good luck with your journey.