I don’t really understand why the server can ping things on the 10 vlan and get a response but the things on 10 can’t.
This sounds like VLAN 1 is the Native VLAN, if Omada has such a thing.
A $30 surge suppressor will not prevent this from happening again. You can see the fakespot review, for what it’s worth.
Even a nearby lightning strike will overcome surge protection.
As far as I know and have seen, eliminating the path for the conducted radiation is best, if not the only, way to prevent problems in the future.
A splitter will attenuated the signal. If it doesn’t cause any issues, I would terminate the unused port with a 75 ohm terminator to limit the amount of reflected signal.
The bottom line, it will probably be OK.
I only meant you don’t need to match vendors.
Matching vendors is not necessary. I have Ruckus APs and a Cisco 3750 switch playing nicely with pfSense and multiple VLANs, both wired and wireless.
Before going down either road, check licensing for the equipment you are considering.
The long white ‘cable’ is probably a tube with either a pull string for future fiber or already has the fiber in it. What does the writing say?
A splitter will attenuate signal level to/from your modem. Typically 3-7 dB, depending on the splitter. If you do not have a need to split, the coax, use a female-to-female feed-thru connector. If the signals are already marginal, don’t use a splitter. Check the upstream signal level, before moving the modem. If it’s getting above 42-ish dB, then splitter is a bad idea. The downstream signal level should be above -5-ish dB if you will add a splitter.
I haven’t noticed the S33 getting as hot as some older modems, but I haven’t paid that much attention. If it gets hot, then keep it in the open. Personally, I like to see all of the lights/LEDs.
What is the brand/model of the gateway? Is the gateway a router, modem or both?
In all likelihood, the ‘modem’ is a router and each apartment is on a switch port routed through the ISP’s router.
A firewall-only solution will protect the devices that you have connected to the ethernet port in your apartment. Juniper, Xophos, etc.
A firewall-only solution is not typical of consumer-grade equipment. If double-NATing is not a problem, your own router is the solution.