I have a problem to which I have a work around.
When working on the opnsense box itself I get no access to the internet unless I add a defined static network route.
The DNS servers I use (1.1.1.1 and 1.0.0.1) must have a route defined. I had to define a route for opnsense to use to run the update and now I am seeing lack of connection from Let's encrypt so I have the same problem there.
The interesting thing is that from a computer connected to the LAN port of the opnsense box no such route needs to be defined. You can navigate anywhere you wish. An IP address I can ping on my PC, cannot be pinged using the Interfaces->Diagnostics->ping tool.
If feels like something is wrong, possibly even an option I have or have not chosen by mistake. The system is a basic one with one WAN and one LAN. The WAN uses PPPoE through a huawei HG612, also a fairly common setup I believe.
Any help anyone can give would be gratefully received.