Setting up VPN/VLAN and Dual NIC

[Sonnie]

Here are the diagrams for both networks. I have an extra TP-Link ER605 1G Router that is not being used and a few other unmanaged switches.

I thought installing Wireguard on the Omada OC300 Controller would be the way to create the VPN, and use my domain name to access the VPN network.

 

[The Automation Guy]

Because you have isolated the camera network physically, there is no need to use a VLAN for this and therefore you don't need a managed switch at the gate location. (This is assuming the wireless AP at the gate is only going to be used for a wireless camera and not other non-camera related data).

I see you have the second NIC in the BI machine acting as the "bridge" between the two networks. This is exactly how you would expect to handle it. Just make sure both networks (camera and everything else) are on two different network address subnets. (Perhaps cameras on 192.168.0.X/24 and everything else on 192.168.1.x/24).

 

[Sonnie]

Yep... right now the Internet network is on 192.168.0.x and the camera network is on 10.11.12.x

 

[MTL4]

Here are the diagrams for both networks. I have an extra TP-Link ER605 1G Router that is not being used and a few other unmanaged switches.

I thought installing Wireguard on the Omada OC300 Controller would be the way to create the VPN, and use my domain name to access the VPN network.

Your setup diagram looks great and wireguard for the VPN would also be a great choice for quite a few reasons.

This should help with the VPN setup on the Omada controller:

https://www.reddit.com/r/TPLink_Omada/s/vKKX40UlMU

From the diagram one suggestion is that you could switch over to multimode fiber on the SFP+ ports to make your life a bit easier (fiber is easier at 10G+ IMHO) but again both can work so it’s not a dealbreaker either way.