I also use an RT-N16 and put the latest AIO build on mine as I wanted PPTP from my android devices.
Experiencing an issue where Port Forwarding breaks (for example 8000 external to a webserver running on an internal 192.168.1.100:8000) using both my external IP and DYnDNS address. I consider myself better than your average IT guy with but so far the solution is non-obvious to me (I'm not a tomato guru.)
It DOES initially work! Maybe a day or two at a time. The first time it happened I thought I might have confused it with multiple devices PPTP from multiple IPs with a lot of creation and quitting of tunnels. Over time, that doesn't seem to be the case, it just randomly stops routing properly.
Interestingly, PPTP continues to work, however, I can't access anything (192.168.1.1 to see what the router is doing or the 100:8000 server when I should be on the LAN.) I also can't hit inside (192.168) IP cameras this way either. Remote access to the router is off.
It does answer pings when in this state.
Now it gets extra weird, when port forwarding (from outside with no pptp) and internal lan routing are broken (with pptp):
I can stop using my work WIFI remotely (for instance) and use 4G data, PPTP in and get to the router, webcams, etc. on the 192.168 side and can reboot the router and everything is OK again.
I haven't seen anything alarming in the logs to give me a clue to what's happening. I suspect the WIFI address I use at work is getting cached and times out or getting hung up in some way, although not shown in the connected clients in the GUI.
I'm using 18.104.22.168 and 22.214.171.124 as DNS for the VPN, but don't think that has anything to do with it, otherwise the PPTP settings are all stock 172.19.0.x (broadcast relay mode both, MMPE-128, WINS 0.0.0.0, MTU/MRU 1450).
I have also tried testing this issue from NON-android devices, PCs, etc., when it's happening, I'm confident it's the build and not the devices. The port forwarding always worked on Tomato 1.28. I even VPN'd into customer sites on the other side of the country and tried to come into my inside server with ip:8000 as a test from a completely unknown to my router IP.
Going to poke at it once I'm home so avoiding restarting it unless I have to get to something for work.