FOR~GO
(For Geeks Only)
By Joe Callison
8 September 2020
I had some time during the Labor Day weekend when it was too hot to do anything outside, so I was experimenting with a VPN feature in an ASUS router in the SenCom computer lab. It began as an investigation into the possibility of adding access to a classroom management program running in the computer lab from a remote student’s computer.
Setting up the VPN involved creating a user name and password for the VPN server and choosing a range of client IP addresses that would get assigned by the router as they logged in. The ASUS VPN server will handle up to 30 clients.
I also set up the router DDNS feature so that the dynamic IP address assigned by the internet service provider would be stored to a file at a static DDNS IP address. This storage is handled by a DDNS server which can be any of those listed in a drop down menu in the router, some free and some not, or the free one hosted by ASUS. I chose the ASUS one and so the DDNS address is a name I assigned with asuscomm.com appended to it in the format: name.asuscomm.com. In the event a future connection to the ASUS DDNS server can’t be made, the last known IP can still be found by going to iplookup.asus.com/nslookup.php and entering just the name to get the numeric IP address, which will be valid if the router has not been repowered or rebooted since the last assigned address was stored by the DDNS server. You may already have another existing DDNS server account that can be used if you have IP cameras or other IP devices that can be accessed when you are away from home. If your internet service provider assigned you a static IP address, then DDNS is not even needed.
With the VPN server set up I then had to set up a VPN client in my home computer. Windows 10 has a built-in VPN client that can be used. The settings are in the Network & Internet section or you can click on the VPN button in the Notifications panel. Choose add a VPN and assign any connection name you want to use for it (I chose ASUS) and for the server name or address I used the “name”.asuscomm.com DDNS server address. A static numeric address could be entered if applicable. You can go ahead and enter the user name and password for the VPN server if you want an instant connection or leave them blank and when attempting to connect you will be prompted to enter them. I chose to enter them in the settings.
When I look at my available connections, I now see one called ASUS in addition to my home wi-fi SSID. If I connect to the ASUS, then it establishes a connection to the ASUS VPN server located in the SenCom computer lab in addition to being connected to my wi-fi. I tested a connection to kcsenior.net using tracert in a command prompt to verify that indeed the connection was first routed to the DDNS server address, which would point it to the ASUS router with the VPN server before going out to the server hosting kcsenior.net. Also when I went to my Google browser it wanted me to verify my computer for security because the VPN made it look like a new device was trying to access my Google account.
If your home router has a VPN server option, you can set it up as I have done in this example. The DDNS feature would also be needed if you have a dynamic IP address at home (most likely) and want to use the VPN server when you are away from home. If your router does not have a VPN server you would need to sign up for one of the other free or paid VPN services available or use the VPN feature available in some internet browsers, which only functions when using the browser.
One last thing to note is that a VPN only helps to hide you from being tracked on the internet, it does not necessarily add security unless you also encrypt the transmissions. That is another advanced VPN setting available in the ASUS router that has to be enabled. I have not yet researched how the encryption is used if enabled. I assume whatever software you are using would need to be using one of the enabled MPPE encryption types.
