I'm running OPNsense 23.7.4 but only uses it for the nginx plugin and firewall, I open port 80 and 443 to the wan firewall, I have virtual IP to use as carp. my upstream server is pointing on a vm in my syste, I had my opnsense gui to open in a different port.
pfctl -d will let the flow of traffic to my upstream server, but when this is enable it wont let the traffic in. I was able to make this work on version 23.1, but not with 23.7.4 it wont work.
I also have accept all rules on my firewall rules.