Odd Admin Web UI Behavior - Connecting to WAN IP instead of LAN IP

[kb8080]

Hello, I've got an odd issue with my OpnSense firewall that I've been having a hard time isolate what is happening. I'm running version 23.1_6. When I try to connect to the admin webUI via FQDN I see in the firewall logs that the connection is being made to the public IP on my WAN interface which is blocked for obvious reasons. Internal DNS resolution resolves to the proper internal IP (10.1.1.1) using my internal DNS server. I can also get into the Web UI via IP such as https://10.1.1.1:8443 but when when using the https://fw.domain.com:8443 it appears (at least from the firewall logs) like it is doing some kind of internal lookup on the firewall to resolve fw.domain.com and returning with the public IP. I do run split DNS where I use the registered domain internally and externally and I handle the records appropriately. Almost presents like the firewall is looking at the header that is passed from the client browser with fw.domain.com and using it's configured DNS servers under Settings>General (which are external only) to look up the FQDN and then directing the client browser to that which in my case would resolve to the public record IP (WAN IP). Odd behavior as compared to any other web UI I use in similar ways that has an internal resolvable IP and an externally resolvable IP. Curious if anyone knows whether there is something turned on by default causing this behavior.