
In short, HAProxy is blocking my TCP requests when I expect it not to, and I found nothing in the logs.

Here is the interesting part of my haproxy file:

global
        log /dev/log    local0 debug
        log /dev/log    local1 debug
        chroot /var/lib/haproxy
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        tune.ssl.default-dh-param 2048
256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA
        ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
        ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
        ssl-default-bind-options ssl-min-ver TLSv1.1 no-tls-tickets

defaults
        log     global
        option  dontlognull
        timeout connect 50000
        timeout client  500000
        timeout server  500000

listen bck_mssql
        bind *:1433
        acl network_allowed src 10.123.0.0/16 10.8.0.0/16 192.168.0.0/16 172.20.0.0/16
        tcp-request connection reject if !network_allowed
        mode tcp
        option tcplog
        server my-server 192.168.1.2:1433 check

Once OpenVPN is activated, here is my ipconfig on Win10:

Carte inconnue OpenVPN Data Channel Offload :

   Suffixe DNS propre à la connexion. . . :
   Adresse IPv6 de liaison locale. . . . .: <ipv6 here>
   Adresse IPv4. . . . . . . . . . . . . .: 10.8.0.4
   Masque de sous-réseau. . . . . . . . . : 255.255.255.0
   Passerelle par défaut. . . . . . . . . :

Carte réseau sans fil Wi-Fi :

   Suffixe DNS propre à la connexion. . . :
   Adresse IPv6. . . . . . . . . . . . . .: <ipv6 here>
   Adresse IPv6 temporaire . . . . . . . .: <ipv6 here>
   Adresse IPv6 de liaison locale. . . . .: <ipv6 here>
   Adresse IPv4. . . . . . . . . . . . . .: 172.20.10.2
   Masque de sous-réseau. . . . . . . . . : 255.255.255.240
   Passerelle par défaut. . . . . . . . . : <ipv6 here>
                                       172.20.10.1

Any advice on how I can configure it to pass with my current IP configuration? Of course, if I comment out the tcp-request connection reject if !network_allowed line, I pass, but that's not the final target.

When I grep for "SC " or "mssql" in the HAProxy logs, I get absolutely nothing while forcing SSMS to use TCP/IP connections (connections are NOT encrypted).

Thanks for helping.

Arnaud F.
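
The following is an added example, not part of the original post: it reads the acl ... src and tcp-request connection reject lines of the listen section above and reports how each would treat a given source address. It handles only the two directive forms used in the question; 203.0.113.7 is a constructed address outside the allowlist.

```python
import ipaddress

# "listen" section copied from the question above.
SECTION = """\
listen bck_mssql
        bind *:1433
        acl network_allowed src 10.123.0.0/16 10.8.0.0/16 192.168.0.0/16 172.20.0.0/16
        tcp-request connection reject if !network_allowed
        mode tcp
"""

# Addresses to test: the two from the ipconfig output, plus one constructed
# address (203.0.113.7, documentation range) standing in for a NATed source.
CANDIDATES = ["10.8.0.4", "172.20.10.2", "203.0.113.7"]


def parse_src_acls(section):
    """Map each 'acl <name> src <net>...' line to its list of networks."""
    acls = {}
    for line in section.splitlines():
        words = line.split("#", 1)[0].split()
        if len(words) >= 4 and words[0] == "acl" and words[2] == "src":
            nets = [ipaddress.ip_network(w, strict=False) for w in words[3:]]
            acls.setdefault(words[1], []).extend(nets)
    return acls


def negated_reject_acls(section):
    """ACL names used in 'tcp-request connection reject if !<name>' rules."""
    prefix = ["tcp-request", "connection", "reject", "if"]
    names = []
    for line in section.splitlines():
        words = line.split("#", 1)[0].split()
        if words[:4] == prefix and len(words) == 5 and words[4].startswith("!"):
            names.append(words[4][1:])
    return names


def verdict(section, source_ip):
    """Return 'accept' or 'reject' for a connection arriving from source_ip."""
    acls = parse_src_acls(section)
    addr = ipaddress.ip_address(source_ip)
    for name in negated_reject_acls(section):
        if not any(addr in net for net in acls.get(name, [])):
            return "reject"
    return "accept"


if __name__ == "__main__":
    for ip in CANDIDATES:
        print(f"{ip:<15} {verdict(SECTION, ip)}")
```

Both addresses from the ipconfig output fall inside the listed networks, so the address to compare against the ACL is the source address HAProxy actually receives on port 1433. Connections refused by tcp-request connection reject are counted as denied connections in the stats and are not logged.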