TomatoUSB

Hello, community!
Firstly. sorry for my English, it's not mother tongue for me.

And secondly, I've a problem…
Today I installed Tomato Toastman mod on my WR3500L. So, it's great, cool and wonderful! It's firmware has all, ALL what I need, but I can't get access to the Internet :(

Provider requrements:
static IP (172.27.25.86/24), static gateway (172.27.0.11) and static DNS (172.27.0.4) for access to local provider's resources
PPTP-VPN for access to the worldwide Internet

Hours in Google gave me ONLY ONE instruction, set static configuration on Basic Setup tab (web-interface), add static route to VPN-server throught local gateway and put script (below) in firewall settings.
So, I set static configuration as
WAN IP 172.27.25.86
mask 255.255.255.0
gateway 172.27.25.254
In LAN section set DNS 172.27.0.4
In static routes page add route to VPN-server
In firewall scripts add next lines:

sleep 5
login=*mylogin*
password=*mypassword*
server=172.27.0.11

if=‘nvram get wan_ifname`
gw=`route | grep default | grep $if | awk ’{print $2}'`

/usr/sbin/pppd plugin pptp.so pptp_server $server mtu 1460 mru 1460 user "$login" password "$password" noauth nobsdcomp nodeflate persist usepeerdns defaultroute lcp-echo-failure 5 lcp-echo-interval 30 sleep 5
route add default ppp0
route del default $if
iptables -t filter -A FORWARD -i ppp0 -m state —state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.20.0/24 -d 0/0 -j MASQUERADE
iptables -t filter -A FORWARD -i ppp0 -j upnp
iptables -t nat -A PREROUTING -i ppp0 -j upnp
iptables -A FORWARD -s 192.168.20.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.20.0/24 -j ACCEPT
iptables -t filter -A FORWARD -i vlan1 -j upnp
iptables -t filter -A FORWARD -i vlan1 -m state —state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i vlan1 -j upnp
iptables -t nat -A POSTROUTING -o vlan1 -s 192.168.20.0/24 -d 0/0 -j MASQUERADE
#iptables -A FORWARD -i ppp+ -j upnp
#iptables -t nat -A PREROUTING -i ppp+ -j upnp
redial &

Rebooting router and… have no access to the Web :(

What's wrong?

Why, why, why? How could you possibly google out something like that??

• Get rid of your firewall script!!
• If instructed by your provider to setup static routes to access local resources, add them to the "MAN" interface, do not add them to "WAN". DO NOT add a route to PPTP server if your ISP hasn't specifically told you to do so.
• Make sure to check "Use received DNS with user-entered DNS" on "Advanced -> DHCP / DNS" page.
• Setup the WAN Connection as following:

Type: PPTP
Username/Password: your PPTP-VPN credentials
Use DHCP: unchecked
IP Address: 172.27.25.86
Subnet Mask: 255.255.255.0
Gateway: 172.27.25.254
PPTP Gateway: 172.27.0.11

LAN / Static DNS: 172.27.0.4

Great thanks, man!

I done all as you sad, so all works!
Yes, special route to vpn-server isn't needed, for simultaneous access to "internal" provider's resources and worldwide should add routes via MAN interface.