I gave up, said fuck it, replaced the cheapo router with a SonicWall TZ-170

Seconded. The VPN "just works" on these and you can distribute the VPN client to as many users as you want. They've recently stopped bundling the single VPN client licence with the low-end 10-user models but the licence is £20+tax in the trade so not a biggie I guess.

I recently snagged an unlimited-user TZ170 with 6 months' SonicWall warranty remaining off eBay for about £65 - while I don't need the unlimited-user licence, the Enhanced OS has very granular configuration options. Not that that's doing down the Standard OS - that's actually better in terms of user friendliness, truth be told.