Topic: Problems with firewall rules between subnets (source high ports)  (Read 1171 times)
« on: February 14, 2014, 21:42:34 »
dkjesper *
Posts: 2

I have a really weird problem, and I cannot seem to debug it.
The setup is virtual, and is the following:
WAN - DHCP public ip
LAN - vlan101 10.1.1.0/24, gateway 10.1.1.1 (server network)
OPT3 - vlan106 10.1.6.0/24, gateway 10.1.6.1 (client wifi network)
OPT2 - vlan107 10.1.7.0/24, gateway 10.1.7.1 (guest, captive portal network)

The m0n0wall is a drop-in replacement for another firewall, and no network has been changed. So the problem is my faulty m0n0wall configuration .. somewhere.

I have left everything default. NAT, default no advanced stuff. Firewall has ANY/ANY rules between LAN and OPT3 .. OPT2 only has internet access.

The problem is as follows .. when I try to access a server on LAN from OPT3, I will get denied on rules. This only happens when the source port is above 50000. Or at least, this is my observation.
Example log entry:
21:28:15.884485    OPT3 - wifi internal    10.1.6.111, port 51297    10.1.1.14, port 32400    TCP

Notice I have ANY/ANY rules on both LAN and OPT3, so this shouldn't happen?

Any advice?
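One way to check the "only source ports above 50000" observation before touching the rule set is to parse the deny log and count entries by source-port band and by target. The script below is an added example, not code from the thread or from the m0n0wall project; it assumes the log line layout shown in the post (time, interface, "ip, port N" for source and destination, protocol, whitespace-separated) and uses constructed sample lines modelled on that entry.

```python
import re
from collections import Counter

# Firewall log line in the layout shown in the post (assumed, not a documented
# m0n0wall format): time, interface label, "src, port N", "dst, port N", proto.
LOG_RE = re.compile(
    r"^(?P<time>\S+)\s+(?P<iface>.+?)\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}), port (?P<sport>\d+)\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}), port (?P<dport>\d+)\s+"
    r"(?P<proto>\S+)\s*$"
)


def parse_line(line):
    """Return a dict of fields for one deny-log line, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["sport"] = int(entry["sport"])
    entry["dport"] = int(entry["dport"])
    return entry


def summarize(lines, threshold=50000):
    """Count deny entries with source port >= threshold vs. below it, and by target.

    Returns (above, below, by_target, unparsed); by_target is a Counter keyed by
    (interface, destination IP, destination port, protocol).
    """
    above = below = unparsed = 0
    by_target = Counter()
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            unparsed += 1
            continue
        if entry["sport"] >= threshold:
            above += 1
        else:
            below += 1
        by_target[(entry["iface"], entry["dst"], entry["dport"], entry["proto"])] += 1
    return above, below, by_target, unparsed


# Constructed sample lines modelled on the entry in the post (not real log data).
SAMPLE_LOG = """\
21:28:15.884485    OPT3 - wifi internal    10.1.6.111, port 51297    10.1.1.14, port 32400    TCP
21:28:19.102311    OPT3 - wifi internal    10.1.6.111, port 52804    10.1.1.14, port 32400    TCP
21:30:02.551902    OPT3 - wifi internal    10.1.6.120, port 61002    10.1.1.10, port 445    TCP
21:31:44.003817    OPT3 - wifi internal    10.1.6.111, port 40123    10.1.1.14, port 32400    TCP
this line is not a firewall log entry
"""

if __name__ == "__main__":
    above, below, by_target, unparsed = summarize(SAMPLE_LOG.splitlines())
    print(f"denied with source port >= 50000: {above}, below: {below}, unparsed: {unparsed}")
    for (iface, dst, dport, proto), n in by_target.most_common():
        print(f"{n:3d}  {iface}  -> {dst}:{dport}/{proto}")
```

A caveat when reading the counts: many client stacks allocate ephemeral source ports from 49152 upward, so nearly every outbound connection from such a client will carry a source port above 50000 whether or not the port has anything to do with the deny. A deny entry with a low source port (the constructed 40123 line above) is the evidence that argues against a port-based cause; compare the deny log against the rule that matched rather than against source ports alone.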
« Reply #1 on: February 15, 2014, 07:05:04 »
Lee Sharp *****
Posts: 517

How are you getting to the server, domain name or IP address?  And is it resolving to an internal or external IP?  We do not do port reflection, so if you are trying an external IP that is NATed to an internal IP it will not work...
« Reply #2 on: February 15, 2014, 13:30:27 »
dkjesper *
Posts: 2

No, I have an internal DNS which resolves internal IP addresses. But for troubleshooting I have been using only IP addresses when testing, to rule out exactly this problem.
So the log is true, I am trying from 10.1.6.111, and trying to reach 10.1.1.14 on port 32400 .. this is just a telnet test on that port (yes, I have a service listening, but it's never reached)