If you run a VPN, the ports exposed to the internet are the VPN ports, NOT the NVR ports. If you run the VPN behind, say, a cable modem, you'll have to forward the VPN ports to the VPN server.
I agree VLAN is a bit complicated, and it does require hardware that can handle it. I've just recently bought some VLAN-capable switches and hope to learn more about it myself, as I've never used them. Done right, it's a network within a network, as I understand it; how it works, though, is simply by tagging specific fields on packets, so don't get a false sense of security when it's used...
Crypto - what's your threat? Are you REALLY worried that someone is sniffing the traffic and going to brute-force the crypto keys out, or do you simply want no one to be able to look at the traffic and grab credentials and whatnot? While good crypto is "better", you have to assess the threat. If it's not super-duper secret data being protected from nation-state intel services, maybe you don't have to turn the dial up to eleven if it slows things? Run what makes sense! I used to run PPTP for a VPN; it was simple to set up and "easy" to break, but my threat was Joe Average at the bar while I ate dinner, so I didn't care. The more valuable the data, the higher the security precautions, but if taking precautions is simple or free, do it. No security is a big problem because at that point the network resource itself is the prize; you need to make it hard enough that they go elsewhere.
On my Asus router, it's very easy changing the encryption cipher from the default (Blowfish) to AES-256-CBC, or some other cipher if you want.
For AES, you can choose 128, 192 or 256. Thought it was interesting they added 192; I guess if you are worried 128-bit is not enough, and 256 is too slow.
I found this post
OpenVPN - estimate performance via OpenVPN
where someone measured the speeds for AES-128 and AES-256. Around a 7% difference, which I can live with.
It's an overclocked AC68, so speeds are 20% faster than my stock 68P, but for this I'm more concerned about the relative difference.
I changed to AES-256 this morning, works fine, and for Domoticz, which is very low data anyway, no difference in speeds.
The most work in changing was implementing my new, random password lol
BTW, for just video and cams, I don't think security is a big concern.
I'm more concerned with keeping bad guys out of my network in general, and as I implement more in Domoticz and IoT, I want that part secure.
Randy
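As an added illustration (not part of Randy's post, and not any router firmware's actual config), an OpenVPN server config fragment showing the legacy Blowfish setting the thread mentions beside hardened settings; the port number and key file name are assumptions:

```conf
# --- WEAK: legacy OpenVPN defaults, kept here only for contrast ---
# cipher BF-CBC      # Blowfish-CBC: 64-bit block cipher, old OpenVPN default
# auth SHA1

# --- HARDENED ---
proto udp
port 1194            # assumption: the single UDP port forwarded on the cable modem
dev tun
# Data channel: AES-256 as chosen in the thread. GCM is authenticated
# encryption (no separate HMAC needed); AES-256-CBC is the Asus UI option.
cipher AES-256-GCM
# OpenVPN 2.5+: list of negotiable ciphers; older clients use the first one
# they support. Blowfish is deliberately absent from the list.
data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC
auth SHA256
# Control channel hardening
tls-version-min 1.2
tls-crypt tc.key     # assumption: pre-shared key made with `openvpn --genkey tls-crypt tc.key`
remote-cert-tls client
```

With this in place the only inbound forward on the modem is UDP 1194 to the VPN host; the NVR and Domoticz stay unreachable from the internet and are only visible through the tunnel.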