Well after these whole hours I might say that the issue can be on the HAProxy side, but I cannot say why ...
HAproxy is configured to the WAN IP on port 443/80.
If I disable the HAproxy I can connect to the web servers, but not if HAproxy is enabled.
Why?
Shouldn't the 'routing' between the LAN and VPN interfaces be dealt with without passing thru the WAN?
It seems that traffic goes to WAN ... and is being intercepted by the HAproxy .
I'm confused .. or I'm missing a big issue in here ...
JG