If you ever wanted to step away/step up from the store bought Routers, I would look into pfSense Routing...When I switched a little over a year ago it was the best thing I did. I am running pfSense on a
Qotom Box. If you have Gig Fiber for Internet, be sure to get a box that can handle the traffic/processing. Mine is a 4 port i5 5th gen Intel Proc. I went with TP-Link managed Switches, these switches Rock!!! They are extremely fast and half the price of Ubiquiti. Not putting down Ubiquiti equip., but for the 5 switches I ended up with (
24 port POE,
24 port,
16 port, two
8 ports) and two Access Points I could not even come close to all of this equip, with Ubiquiti.
If you want more security, separate LANs, you may consider VLANs, I have a Managed VLAN, a Private VLAN, a Guest VLAN, a IoT VLAN, a Camera VLAN, an Alarm VLAN. All independent LANs. Private can get to them all but none of the other VLANs can get to my Private VLAN, Guest and IoT only has Internet access, Camera VLAN has no Internet access, my Alarm VLAN only is pushing notifications to IoT VLAN SmartThings hub (will be retiring ST with my Habitat hub). So many have told me I have way too many VLANs
, at home this works for me, not that hard to manage, for large networks though all these VLANs would/could be a nightmare.
Also you don't have to go top of the line switches, like I did, TP-Link has their Easy and Smart lines of Layer 2 (L2) switches that support VLANs too.
I encourage you to watch this, it explains a lot about the Store Bought Routers:
Asus Routers do support OpenVPN, prior to my pfSense box, I had a
VPN Server running on my Asus AC3200 and came in to my network via OpenVPN, on my phones and tablets, even there is a PC client. It worked good. I even played with the VPN Client on the Asus router connecting to
ExpressVPN, back then, it worked but I would not recommend. I have
SurfShark VPN now for traveling, only use it if I am on someone else's network, hot spot, hotel, coffee house, etc.
HTH
