I have set up a TomatoUSB + VPN router connecting to a OpenVPN service.
My ISP uses dynamic IP (and even renews while connected so I cannot "hold" on my IP)
The VPN service uses static IP and allows incoming traffic on the VPN IP.
I have set up the OpenVPN client on the TomatoUSB to connect to the VPN and also redirect internet traffic out on the VPN (redirect-gateway def1)
VPN uses tap, tun cannot be used due to a limitation at the VPN service.
The problem is that when connecting to the external IP of the VPN, all ports are closed. Have tried with a another much slower router with bad througput and OpenWRT firmware - and that works correctly. But the newer router does not support OpenWRT.
Have tried to set up the TomatoUSB in DMZ mode, have tried forwarding ports, and have also tried to write firewall rules in the "firewall" script section that allows all traffic through and DNATs it through.
Still no luck.
On other words, the bug is:
That when a OpenVPN client connection with "Redirect internet traffic" is made, its not possible to forward unsolicted incoming packets that originate from the VPN tunnel (eg that have arrived at the VPN server side) inside the LAN network of the TomatoUSB router.