Name resolution in tunnel not working if subdomain is proxied


I’m quite new to the cloudflared community (started with ZTNA last week).
I have a funny name resolution problem with my cloudflared tunnel.
I’m using my public domain name internal and external (with local DNS resolution in the internal LAN and cloudflare for public).
I’ve added exception rules for the domain name to the Local Domain Fallback in the client profile so that the DNS resolution should be performed by the internal DNS for clients (resolving to some 192.168.x.y address) connected via the WARP tunnel.

Now if i activate proxying for subdomain sub.somedomain.tld, URLs like https://sub.somedomain.tld:8443 are suddenly not reachable for devices connected through the tunnel. If I disable proxying, everything works fine.

As I would like to keep proxying enabled - does someone have an idea what the problem could be or which settings I have to change?