I have 3 routers to set up, one will be a TOR gateway and others VPN.
I will deal with tor later.
So I use GL-AR150 and AR750s routers, I flashed the new OpenWRT everything works fine.
Installed wireguard, set up interfaces and firewall using the guide from Mullvad's website. Working fine.
One router is considered "dirty" that uses vpn, and the other one is "clean" has no vpn.
Here is what I need to do, combine them in one router. I need to have two 5Ghz wifi connections, one goes through the VPN and probably separate zone, and the other LAN/wifi should just be secure without using VPN. No one will hack into my wifi so that is not a concern. Only 3 devices connect to the VPN. So the question is: how to achieve high security, lock it down as much as possible, and then "punch holes" for what I need. I've been reading OpenWRT docs, and tutorials about networking, cause obviously I don't understand the basics, but it will take time to learn all that, so I would appreciate if you can help me to set it up, for example I need to understand why something is set to accept, reject, or drop, when I need to use mss clamping and masquerading etc. Some things are explained well but I still do not understand how do they relate to security / privacy. It would actually be simpler to draw it instead of trying to explain lol. Thank you!!!
EDIT
Seems that I was trying to do the impossible, that is to have two wifi networks on a single RADIO, in my case 5Ghz. Tell me if I am wrong? But solution is to use both bands, but in the case I need both to be 5G I would have to attach another router.