Internet

How to configure Instant Guard VPN on ASUS Routers and WiFi Mesh

As you can see, the process to connect to our home local network is really simple. Next, we are going to explain step by step everything you need to do to start browsing safely when you are away from home.

Prior configuration of the router or WiFi Mesh

The first thing that we must configure in the router is the Internet connection, depending on the Internet operator that we have, we will have to configure it in one way or another. Once we have successfully configured the connection, we must ensure that the router has obtained a public IP address on the Internet WAN, otherwise we cannot connect from outside the home network. In the main menu we should see that the WAN IP is public, as you can see here:

Once we have made sure that the router has obtained the public IP address correctly, we are going to go to the «WAN-DDNS» to configure dynamic DNS, one of the fundamental services if we want to remotely access the VPN server that we will have with Instant Guard.

In this menu we have chosen the server of “WWW.ASUS.COM” to obtain the dynamic DNS, the manufacturer provides us with a totally free DDNS. We simply have to put the name of the host that we want, in our case “redeszone”, click on “Apply” and the host name will automatically be registered and it will start working correctly.

We have the possibility of configuring an SSL/TLS certificate from Let’s Encrypt, in case we enable remote management of the router through the WAN. In this way, in the web browser we can see that the connection is secure because we have a valid certificate. We also have the possibility to import a self-signed digital certificate, but the web browser will give us an error that the certificate is not recognized by any CA. The best thing you can do is to choose the free certificate from Let’s Encrypt.

The process of obtaining the SSL/TLS certificate can take a couple of minutes, so if we go back to the “WAN – DDNS” menu after a few minutes, we can see that we already have the certificate perfectly installed on the router.

Now that we have the Internet connection correctly configured and that we have also requested a Let’s Encrypt certificate to remotely access our router via HTTPS, we are going to see how to activate the server with Instant Guard.

activate the server

To activate the VPN server with this ASUS technology, we simply have to go to the «Advanced Settings / VPN / Instant Guard«. Once we are here, we simply have to enable the server, and then we must choose if we want to connect to «internet only” either “Internet and home local network access«. In most cases we will want both, to access shared resources such as a NAS server, computers connected to the local network, etc.

Once it is enabled, we will have to configure it directly on the clients with the official application of this ASUS technology. We must not forget that this technology is based on the IPsec protocol, so security and privacy are guaranteed.

Customer connection

ASUS Router app is very important nowadays to install, manage and manage our ASUS router or WiFi Mesh system. Thanks to this application, we have the possibility of making quite advanced configurations from our smartphone and tablet. Right now we have it available for Android operating systems and also iOS, you can download it from the official stores:

asus-router
asus-router

asus-router
asus-router

The first thing we must do is open the ASUS Router application on our smartphone, we add our router to the administration, putting the username and password. Later, we can activate the remote administration of the router via WAN, this is recommended to activate it only if you want to access your router through the Internet when you are not at home. Another notable aspect is that we can configure push notifications to notify us that we have firmware updates, or that a new device has been connected to the home network.

If in the ASUS Router application we go to the “Settings” section, we have a menu called “Instant Guard”, if we click here it will allow us to install the app through the official Android or iOS application store. Then, you can directly access the download of the application:

Instant Guard
Instant Guard

Instant Guard
Instant Guard

Once located, click on “Install” to proceed with the installation of the application.

The application will welcome us, we simply have to click on “Administrator” and it will automatically obtain the ASUS Router credentials to proceed with the connection. The main menu of the application is really simple, it will simply indicate if the network traffic is protected or not, we will also see which is the router or WiFi Mesh that we have configured and to which it will connect automatically.

When we click on the connect button, we will get a notification asking us if we want to configure the VPN, we click on “Accept” and it will automatically connect. If we go to the “Connected Clients” section we can see the public IP address of the client, and also the name of the VPN client that has connected to the server.

As you can see, the way to connect is really simple, without having to enter any certificate, password (only username and router password) or any advanced configuration.

If we go to the router menu, we can see the status of the connection. In this menu we will see the remote public IP address (of the client), the status of the client, the time it has been connected, the host name of the device and also the maximum authentication time before reconnecting.

If we click on «check log» We will be able to see a complete record or log of this VPN connection that has been established correctly. If we have some type of error in the connection, it will appear here, although logically this is for advanced users who have certain knowledge of IPsec at a professional level, since we will have all the “raw” information.

As you have seen, Instant Guard is a VPN server that ASUS has incorporated into its WiFi Mesh routers and systems, with the aim of providing its users with a really easy way to connect to the local network securely. In addition, we can also go to the Internet through this server, in order to protect our communications if we are connecting to a public WiFi network without any type of encryption.

Without a doubt, it is one of the favorite ways to connect remotely safely, however, you can also use OpenVPN, WireGuard or the IPsec server that we have available in the firmware. In order of priority, our recommendation would be WireGuard first because it is very secure, fast and easy to configure, then Instant Guard, then OpenVPN because it allows us to configure everything in a very advanced way, and finally the integrated IPsec.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *