Coax Cable router and VPN question

Hey gang!

I’m on a coax cable network which makes me already feel at a disadvantage seeing as most use the typical RJ45 port.

The thing is is that I want to put a VPN at the router level but, as is often the case, the ISP router doesn’t have that option. It’s pretty well locked down and these routers are a PITA to find out in the wild around here.

So, my question is, would the best way to cover all devices with a VPN be to buy a second router to piggy back off the main router, tinker with some settings and use that as the access point with a VPN instead?

That is correct.
I have done so at two of my internet location and now have my own vpn at both of them.
At some point, I left some part of the network connected to the main isp router and lost access to my media server due to a double nat issue.
Now I have reconfigured it, and all devices are running of new secondary router.

When choosing a router with vpn, I would look for the ones that support wireguard. Wireguard provides double the speed of the openvpn server.
Also , I learned that some routers can run server and client at the same time (like tplink ax53v2) and some can run only server or only client (like tplink deco x50v1). This is my specific requiremen, so perhaps not the big issue.

Much thanks! Networking is probably my least favourite thing when it comes to tech stuff so appreciate the help and the pointers on what to look for!

In this case, would I be able to simply disable the main router’s wifi to not clutter up the network? And would I keep DHCP enabled on both?

I end up keeping DHCP running on both but chose different subnet range on new router.

You will also need to configure static IP for a WAN interface on for the new router. This can be achieved by selecting static IP configuration on new router “Internet / WAN interface” or assign DHCP reservation on old main router to the new router “Internet / WAN interface” via known MAC address.

I moved away from static IP addresses and just use DHCP reservations. This way , in case of router problems, your any device requiring know / static IP still can be connected and accessed if required.

You need to do so, so later you can create port forwarding on main ISP router, which is required for VPN traffic.

Either just use your ISP modem with your own router or ditch the combo unit and get your own separate modem and router. Otherwise you’re going to have to make sure you aren’t behind a double NAT and that can get annoying if you don’t like networking in the first place