I want to build a travel router that I can use to create a secure access point on unsecure networks (e.g. hotels) and route my traffic through NordVPN. Currently, my plan is to load pfsense on a low to mid spec Protectli Vault. I also want to include an IDS, adblocker, and network monitoring tools (with TCP dumps to Wireshark).

My question is: How would this setup be limited due to my traffic always being under a Double NAT? I assume that UPnP is off the table (which doesn’t matter to me), but will this also affect my VPN connection? Is there a way to avoid the double NAT when using the router at home?

Additionally, any suggestions for router firmware, hardware, or plugins/software would be appreciated. 👍