Comfast CF-E538AC & OpenWrt

Dear All;

I hope this will be the correct forum. I'm in a crossroad with this router; I'm not able to modify the configuration and I have a lack of kowledge to create a build for it.

I have bought a comfast CF-E538AC: https://comfastwifi.us/comfast-cf-e538ac-1200m-access-point-poe-gigabit-all-ap-router-wireless

The router has 8MB/64MB and has been compiled with a openwrt build (ramips/mt7620/). I have the root password, so I can connect to the router via SSH and change configurations.

The main issue I have is related with the firewall, I have set up the router with the build in comfast webpage as a AP (like shown in this video: https://www.youtube.com/watch?v=Bys2PnIvrhA):

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd1a:161f:534f::/48'

config interface 'lan'
        option type 'bridge'
        option force_link '1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ifname 'eth0.2 eth0.1'
        option ipaddr '192.168.1.5'
        option macaddr '20:0d:b0:75:4c:60'

config eth0.1 'def_lan'

config ap 'workmode'

config interface 'wan'
        option macaddr '20:0d:b0:75:4c:61'
        option proto 'dhcp'
        option type 'bridge'

config eth0.2 'def_wan'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '5 6t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '4 6t'

config 20:0d:b0:75:4c:60 'def_lan_macaddr'

config 20:0d:b0:75:4c:61 'def_wan_macaddr'

config 20:0d:b0:75:4c:64 'def_wlan0_macaddr'

config 20:0d:bc:75:4c:6b 'def_sta_macaddr'

I can connect to it and I can see the computers in my network: 192.168.1.0/24, but I cannot connect to my work VPN. I have tried to change the /etc/config/firewall configuration, but it does not appear to be applied; I have changed some parameters to test and no one appears to work despite I have done uci commit... The Iptables shows:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

I'm also evaluating to create a firmware for this router, but I need a lot of time. May someone could help me in order to modify the firewall configuration in order to allow the router the vpn passthrough and also to build a openWRT firmware for this router.... (this is the current firmware: https://drive.google.com/file/d/17GBTOJoeEbEMFJkFAGjtH7va-DbQcOjc/view?usp=sharing); do you think that I could use this one? https://downloads.openwrt.org/releases/19.07.3/targets/ramips/mt7620/openwrt-19.07.3-ramips-mt7620-cf-wr800n-squashfs-sysupgrade.bin

Thanks in advance