SSL error with an Opnsense

[Brainstoming]

Hello,

I can't put my finger on the cause of the problem, it seems to me that the Opnsense is generating the problem without really understanding the reason.

I have a lab infrastructure on a cloud infrastructure at Hetzner.

I have a few servers: a domain controller, two RDS managed by a broker on another server.
To this infrastructure I've added an Opnsense, which is the only one with a public IP to manage filtering.
The servers only access the WAN via the firewall.

For several days now, my servers have been unable to access certain websites.

The tracert to a website shows me that everything goes out correctly:



However, as soon as I open a web browser I get this:



What's even stranger is that I can access google's .fr and .de domains, and a few websites work, but the majority have exactly the same problem.

As soon as I remove the Opnsense firewall, I don't have this certificate problem. That's why I'm posting this puzzle here.

Does anyone have any clues? Or even encountered this kind of problem?

Thanks in advance for your ideas

[Patrick M. Hausen]

The certificate subject that you blurred would be the interesting thing to diagnose your problem. Do you have a transparent web proxy active on your OPNsense?

[Brainstoming]

No i don't have active a web proxy on my OPNsense

[Patrick M. Hausen]

DNS blocklist? Reaching something identifying as braincloud.online when your browser thinks it's talking to google.be is fishy. VPN provider who might in turn have a transparent proxy?

The last IP addresses in your traceroute seem to belong to google alright.

Perform a Wireshark trace on your desktop system and watch if your browser is talking to that same IP address or anything different.