OPNsense Forum

English Forums => General Discussion => Topic started by: Brainstoming on January 23, 2024, 02:40:19 PM

Title: SSL error with an Opnsense
Post by: Brainstoming on January 23, 2024, 02:40:19 PM
Hello,

I can't put my finger on the cause of the problem. It seems to me that the OPNsense is generating the problem, but I don't really understand the reason.

I have a lab infrastructure on a cloud infrastructure at Hetzner.

I have a few servers: a domain controller, two RDS managed by a broker on another server.
To this infrastructure I've added an OPNsense, which is the only one with a public IP to manage filtering.
The servers only access the WAN via the firewall.

For several days now, my servers have been unable to access certain websites.

The tracert to a website shows me that everything goes out correctly:

(https://i.ibb.co/N1TFSLp/tracert.png)

However, as soon as I open a web browser I get this:

(https://i.ibb.co/59ncXtx/cert.png)

What's even stranger is that I can access Google's .fr and .de domains, and a few websites work, but the majority have exactly the same problem.

As soon as I remove the Opnsense firewall, I don't have this certificate problem. That's why I'm posting this puzzle here.

Does anyone have any clues? Or even encountered this kind of problem?

Thanks in advance for your ideas
Title: Re: SSL error with an Opnsense
Post by: Patrick M. Hausen on January 23, 2024, 03:51:28 PM
The certificate subject that you blurred would be the interesting thing to diagnose your problem. Do you have a transparent web proxy active on your OPNsense?
Title: Re: SSL error with an Opnsense
Post by: Brainstoming on January 23, 2024, 04:00:53 PM
(https://i.ibb.co/PYk2gj2/cert2.png)

No, I don't have a web proxy active on my OPNsense.
Title: Re: SSL error with an Opnsense
Post by: Patrick M. Hausen on January 23, 2024, 04:07:05 PM
DNS blocklist? Reaching something identifying as braincloud.online when your browser thinks it's talking to google.be is fishy. VPN provider who might in turn have a transparent proxy?

The last IP addresses in your traceroute seem to belong to Google alright.

Perform a Wireshark trace on your desktop system and watch if your browser is talking to that same IP address or anything different.
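
The comparison suggested in the last reply can also be scripted from an affected server. The following is an added example, not part of the original thread: it resolves the name with the system resolver, reads the certificate from the address it actually connects to, and separates "certificate mismatch on a different IP" (look at DNS) from "certificate mismatch on the same IP as the traceroute" (look for interception such as a transparent proxy). The function names, the verdict strings and the sample data are assumptions made for illustration; the addresses are documentation-range placeholders.

```python
import socket
import ssl
import sys

def name_matches(hostname, pattern):
    """True if a certificate DNS name (optional left-most wildcard) covers hostname."""
    host, pat = hostname.lower().rstrip("."), pattern.lower().rstrip(".")
    if pat.startswith("*."):  # a wildcard stands for exactly one left-most label
        return "." in host and host.split(".", 1)[1] == pat[2:]
    return host == pat

def cert_dns_names(cert):
    """DNS names from a dict shaped like ssl.SSLSocket.getpeercert()."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:  # older certificates carry the name only in commonName
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return names

def diagnose(hostname, cert, connected_ip, traceroute_ip):
    """Classify the result; traceroute_ip is the final hop noted by hand."""
    if any(name_matches(hostname, n) for n in cert_dns_names(cert)):
        return "match"
    if connected_ip != traceroute_ip:
        return "mismatch-different-ip"  # name resolves elsewhere: look at DNS
    return "mismatch-same-ip"  # right address, wrong server: look for interception

def fetch(hostname, port=443, timeout=5):
    """Resolve with the system resolver, then read the certificate from that IP.
    The chain is still validated (an untrusted chain raises
    ssl.SSLCertVerificationError); only the hostname check is done by hand."""
    ip = socket.getaddrinfo(hostname, port, proto=socket.IPPROTO_TCP)[0][4][0]
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    with socket.create_connection((ip, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return ip, tls.getpeercert()

# Constructed sample: a certificate naming braincloud.online, as in the thread.
SAMPLE_CERT = {"subject": ((("commonName", "braincloud.online"),),),
               "subjectAltName": (("DNS", "braincloud.online"),)}

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py <hostname> <traceroute-ip>
        ip, cert = fetch(sys.argv[1])
        print(ip, cert_dns_names(cert), diagnose(sys.argv[1], cert, ip, sys.argv[2]))
    else:  # offline demo on constructed data (documentation-range addresses)
        print(diagnose("google.be", SAMPLE_CERT, "192.0.2.10", "198.51.100.7"))
```

Browsers may use their own resolver (for example DNS over HTTPS), so the address this script connects to can differ from the one the browser uses; the packet capture remains the authoritative check for the browser itself.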