Let me tell you upfront that my networking knowledge is very limited. I've been dealing with this subject every now and then, as I got into the idea of running a small home server a couple of months ago.
For my upcoming master's degree, I will live in a student dormitory that provides an internet connection. I have asked about the details, but I am still waiting for a reply. From my understanding, there are two possibilities: I either can connect a router and control my own network, or I can only connect an access point to an existing dormitory network. For the later option, which would be the worst case due to potential network limitations, I was wondering which of the Beryl AX's functions (like NAS, VPN, AdGuard, etc.) I could still utilize and which I couldn't?
I am curious about this anyway, as I would assume any hotel internet to be configured as exactly this worst case scenario (limited network access; Beryl acts "just" as an access point or repeater).
I would very much like to buy this device, as it seems to offer everything I need, and I could take it on occasional travels as well.
I have a Beryl AX and I use it when traveling as a router and at home as a WiFi 6 access point. What's obvious is that in access point mode, you lose AdGuard and the VPN functionality.
But there's no reason that you must run it in access point mode. Run it in router mode and you'll have your own network under your control and gain VPN and AdGuard support.
You'll have a double NAT because your router is behind another router but that doesn't matter much if you don't intend to have ports forwarded on the main router (e.g. for gaming). Besides, the main router is not under your control anyway so it's not like you can forward ports at will.
I've never used the network storage but it appears to be available in both modes (router and access point).
Do I understand your answer correctly, saying that a second router connected via LAN/WAN to the main one results in a subnetwork, without any problems?
In my previous student dormitory, any second router would interfere with the routing function of the main one. I know that these are not reliable sources, but several Reddit forums agree on this as well.
https://youtube.com/watch?v=GCEZMBY1Lqc&t=58 In this video they outline the mentioned problem, which is solved by basically (or literally) turning the second router into an access point.
That's right. You create your own subnet. That's how I use it in every hotel or Airbnb when traveling (more than 11 stays so far and on an airplane just for the fun of it, to see how it behaves).
The video is describing how to have another router on the same subnet as an access point, to have more WiFi coverage in your home. Fair enough but we're not interested in that.
Your previous experience in the dormitory could be because the IT department were actively managing and preventing unauthorized devices on their network. If that's the case, then you might try cloning the MAC address of one of your "approved" devices. It all depends on how they are inspecting the traffic (if they’re doing that).
When you have it as a router, the main router that's already there will assign it an ip address like it assigns any other device that comes on the network. For example if the current subnet is 192.168.5.0/24, your router might end up with something like 192.168.5.200/24. Then your router will use its own DHCP server to assign addresses to clients that connect to it (your devices) on a different subnet (e.g. 192.168.8.0/24), so your laptop might end up with something like 192.168.8.200/24 (assigned by your router). So there're no conflicts, the two routers are serving devices on two different subnets. Your devices gateway is your router, and your router's gateway is the main router. Your router manages the traffic to the main router. The main router sees all your traffic as if it's coming from a single device on the network– your router.
Sounds awesome! Then my last dormitory must actually have had some setup like the one outlined in the video going on. Because once a second router was added to the network, the connected devices did not know which one to connect to anymore (or were assigned multiple IPs by the two of them).
But exposing locally hosted services will still not work in a subnet because its the main router's job to do port forwarding, right?
Yes. The port forwarding should be done on the main (perimeter) router (the router that connects the local network to the internet). Sometimes trying to port forward on the main router to the router on the LAN (your router) and then forward again from your router to your server might work.
Considering that most likely you'll have no control over the enterprise router(s) you shouldn't dwell too much on this. You might have some luck with Tailscale if you want to remotely access services on your LAN. But as always, it's the classic IT "it depends" case.