I'm trying to figure out how to configure a newly flashed OpenWRT device in a specific way. Details below.
What's my setup:
The main router (running proprietary firmware) is providing "normal" internet access via Ethernet or Wi-Fi.
The OpenWRT router (Xiaomi AX3000T) is connected to the main router via LAN. It's accessible to all devices in my local network. Currently, it doesn't have WAN access to the global net.
What I want to achieve:
The main router is providing regular ol' internet access, fast and reliable.
The OpenWRT is providing a different wireless network, tunnelling all traffic through VPN with some fancy encryption (?) going on (e.g. socks). It may not to sit on the same subnet the main router provide, if that's easier to realize.
In my quest to realize this setup, I was pointed to a certain Wiki article: https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap It looks close enough to my ideal setup, but I don't like how the "dumb AP" isn't left to think for itself. This comes in the way of VPN, doesn't it? With that in mind, I'm utterly confused as to how to proceed in my configuration. Is my idea even achieavable? Any advice would be great, thank you.
Where is the other end tunneling to? Is it going to a commercial VPN provider? Another device you own?
You actually want the AP to be as dumb as possible, so all the important network management stuff happens on the router, as it should. Or do you want to tunnel wireless traffic between the AP and the router through a VPN?
Can you tell us the end goal you want to achieve that you think would be solved with a VPN? It's not completely clear to me what it is you want, and it appears at first glance there's some confusion regarding the purpose of VPNs.
Where is the other end tunneling to? Is it going to a commercial VPN provider? Another device you own?
The former, pretty much. A rented server.
Can you tell us the end goal you want to achieve that you think would be solved with a VPN?
Access to some websites that I otherwise don't have. Having a router-side network would heavily reduce the amount of configuration required client-side.