With a VPN server in your home you can access the devices in your home LAN from outside, and protect the connection of your devices outside the home that are using free or untrusted wifi networks, plus probably bypass some firewalls.
To do this, the VPN server needs to be accessible from outside your LAN, which means your Internet Service Provider has to provide you a public IP or at least a dynamic but non-shared IP. This is a question you can ask your provider. Static IPs are usually a paid service; it's uncommon to just hand them out to everyone because they are a finite resource, and there are not enough for everyone.
If you have this, then you can install a WireGuard server on a device in the local LAN and then do a port-forward in the existing Asus device for the WireGuard default port number (they are shown in most tutorials, and you can also change them to custom port numbers) so that all your devices that want to connect to the VPN server will be redirected to the device in the LAN.
Internet speed during peak times is lower because the LTE tower you are connecting to is experiencing more traffic from other people, and the cable between the tower and the rest of the Internet is not big enough to handle that.
Even with a faster CATxx modem you can't change this. Yes, your speed between the home and the tower is faster, but then everyone goes to the same cable anyway, and in places where "net neutrality" laws exist (more or less everyone that is not in the USA), the available speed is split equally between all users. The speed you pay for in the contract is an upper limit. So you will get UP TO 100 Mbit up and 20 Mbit down, for example, but everyone will go at the same speed if the tower has to split available speed between users.
This is also a problem for people with wired internet if the local infrastructure is overbooked and overloaded (in my place it is), as DSL or fiber also work in a similar way. The cable from your home goes to a "local aggregator substation" that takes the traffic of all homes in an area and then sends it through a single bigger wire to other network infrastructure.
There is not much you can do about it with a single device and a single Internet Provider contract, because that single device will connect to the closest tower to give you the best speed already, and the provider cannot make you "go faster" due to net neutrality laws (note that to make you go faster everyone else is going slower, because the total amount of speed available does not change even if someone has VIP access).
If you get more than one internet contract, possibly using a different internet service provider (either on LTE or DSL or whatever else), then you can do some basic traffic aggregation from an OpenWrt router connected to both modem devices over ethernet, with the mwan3 package, to spread your internet access through more than one modem (and internet contract), so that when a line is full the other requests can be done over the other line.
Or you can go all-in and use true bonding, which is actually doing a sum of the speeds of the connections you are using together. But this is non-standard network traffic, so it requires you to use a specially modified OpenWrt called OpenMPTCProuter, which runs on fewer devices than OpenWrt (also because they need a good CPU to do this job), and it also requires you to rent a cloud server (can be done for cheap) to act as an aggregator that will receive the non-standard network traffic and convert it back into normal traffic that can be received by other services on the Internet.
I'm actually doing this for my home network, because I live far from the city so land-based internet sucks, and LTE speeds vary depending on time of day as you have also noticed.
So you can see the solution to this second question will probably cost you more money (multiple Internet contracts and modems, maybe a cloud server) and is a bit more complex than the average setup.
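Added example, not part of the original post: a quick way to check the "public or non-shared IP" requirement before setting up the WireGuard port-forward is to compare the WAN address shown on the router's status page with the address the Internet sees. The function names and sample addresses are constructed for illustration, and the check covers IPv4 only.

```python
import ipaddress

# IPv4 ranges that can never receive inbound connections from the Internet.
NON_PUBLIC = {
    "RFC 1918 private": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "RFC 6598 carrier-grade NAT (shared)": ["100.64.0.0/10"],
    "link-local": ["169.254.0.0/16"],
    "loopback": ["127.0.0.0/8"],
}


def classify(addr):
    """Return the name of the non-public range addr falls in, or 'public'."""
    ip = ipaddress.IPv4Address(addr)  # raises ValueError on bad or IPv6 input
    for label, nets in NON_PUBLIC.items():
        if any(ip in ipaddress.ip_network(n) for n in nets):
            return label
    return "public"


def can_port_forward(wan_ip, seen_from_outside):
    """wan_ip: WAN address on the router's status page.
    seen_from_outside: address reported by a what-is-my-IP service.
    Returns (ok, reason)."""
    kind = classify(wan_ip)
    if kind != "public":
        return False, (f"WAN address {wan_ip} is {kind}: the ISP is doing NAT "
                       "upstream, so a port-forward on the home router is "
                       "never reached")
    if ipaddress.IPv4Address(wan_ip) != ipaddress.IPv4Address(seen_from_outside):
        return False, (f"WAN address {wan_ip} differs from {seen_from_outside}: "
                       "something upstream is translating the traffic")
    return True, "WAN address is public and matches: a port-forward can work"


if __name__ == "__main__":
    # Constructed samples; 203.0.113.x and 198.51.100.x are documentation
    # ranges standing in for real public addresses.
    samples = [
        ("203.0.113.7", "203.0.113.7"),
        ("100.72.15.9", "198.51.100.20"),
        ("192.168.1.2", "198.51.100.20"),
    ]
    for wan, outside in samples:
        ok, reason = can_port_forward(wan, outside)
        print("OK  " if ok else "FAIL", reason)
```

A dynamic address that passes this check still changes over time, so the VPN clients need a dynamic DNS name rather than a fixed IP as their endpoint.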