Iron

How to isolate network equipment from unauthorized access?

In the lyceum where I work as a technician (consider, a system administrator-enikey worker), there was a need to restrict the access of especially curious children to network equipment, which is placed in some rooms. We are talking about routers that distribute a Wi-Fi network to laptops. The decision is necessary not software, namely "hardware". I think something like a box in which the router is hidden. The box is hung on the wall with self-tapping screws and has a lock so that only I have the keys to the box. Most likely, this is something like an electrical panel, maybe other ideas, offer something suitable, maybe from personal experience. In any case, the important fact is that any software restrictions do not work, you need to physically remove the routers. I must say right away that there can be no talk of moving to another place, the router must remain in the same room where it is.
Attention!It's not so easy to change the IP of the server, a lot of software is tied to it, even outside the building itself and my "jurisdiction". Therefore, you can immediately forget about changing the IP server and not even offer it. And yes, all this was done before me, I would not have made a network like that, but I have to put up with what I have.
=====AHTUNG! AFTERWORD, READ AT DESIRE! ======
You ask, why do I need it? I'm telling. A few days ago, my working day was filled with joy and fun, when suddenly, in broad daylight, the Internet in the building died. It would seem that the hub is dead or something on the server. I changed the hub to other models that were still in stock, I even suspected that if the hub died, I would have to beg for a new one from the authorities, and begging for 20k for a hub and not solving the problem would be worse for me than death. Therefore, I checked the network one by one, connecting gradually to the hub. I will not describe my moves for a long time, but in the end I went to a router that had the same IP address as the server. The fact is that the server on the network has IP = 192.168.0.1. And as many people know, usually routers have the same IP after reset or upon purchase. In total, we have an apparatus dropped by some playful handles, which began to be duplicated with the server and naturally extinguished the normal operation of the Internet. The reset was, as I suspect, in an attempt to connect to the default Wi-Fi, which can also be activated using the button on the back of the router. That is why I am looking for a way to restrict anyone other than myself from accessing the device.
================================================= ====