Hi there So I'm not really that knowledgeable when it comes to networking. I currently have a reasonably simple network at home consisting of two IP ranges (if that's the right way to describe it): IP Range 1: Bridged Modem > Router 1 (on 192.168.1.*) > general IP Range 2: Router 1 > Router 2 (Asus RT-AC68U on 192.168.2.*) on Express VPN openVPN connection > Anything I want behind the vpn. Currently: I'm looking to add a 3rd IP range for CCTV, but I want to give it internet access for the remote app, and im contemplating how to block it off (would forcing it onto a VPN do this or would I just use a firewall? or is both a good idea?). I'm thinking it's time to re-evaluate what I'm doing now. I have the following assumptions: I will be buying google wifi (or whatever works well and easily) I will be buying an NVR (hikvision nvr is likely) I assume the NVR acts as a DHCP enabled router on it's own IP range. I am looking to update my Asus RT-AC68U to merlin and maybe incorporate split routing. My bright idea: I think this might be the simplest design... I'm all ears for any input. I have some additional spare routers that I can use if need be (an ASUS DSL-AC68U, Netgear D7800). I'm also not afraid of diy router pc but I really don't know if I can be bothered anymore. It's been a few years since I looked at iptables or any form of routing smarts and I'm starting to become energy conscious. I'm happy to purchase a new router(s) if it makes life and management easier. Feedback is appreciated Cheers! Nik.