I would put a small wired router in the cabinet. Then you can put further switches and APs wherever you need them in the house.
How fast is your Internet connection?
If you are ok with a pretty technical solution, the Mikrotik RB5009UG+S+IN would be a powerful but passively cooled option (it’s fanless) and a lot of ports for its size, and some ports >1Gbps. Basic setup is straightforward, but for more complex configurations there is a learning curve with Mikrotik. And they don’t have the best wireless AP solutions currently.
TP-Link have their Omada routers, which pair nicely with their APs. You probably have room for one of their small routers and a switch in the cabinet.
For APs there are lots of options. You can use on-wall ones in each room to provide wifi and a few Ethernet ports. The APs from TP-Link Omada, Ruckus, Aruba Instant On and Ubiquiti support vlans. In your office you will probably want a managed switch and an AP.
Oh, and if you go with PoE APs you could go for the more expensive Mikrotik RB5009UPr+S+IN to power the APs. The included power supply can provide about 76watts to power downstream 802.3af/at PoE devices (like APs).
There aren’t any restrictions on what downstream device you can use.
Could be an address conflict. Check the lan address range on your Asus router. If it’s using 192.168.1.x then it’s conflicting with the AT&T gateway. Change to .3.x or .99.x or something else from 2-254.