Having fully reset and reconfigured my router far too many times over the past few days, three random things I've learnt that I thought I'd share:
- LetsEncrypt has rate limits (https://letsencrypt.org/docs/rate-limits/) including the number of times it will issue a certificate to an identically referenced client (as would be the case if you repeatedly rebuild the same device). Turns out it's 5 per week (rolling 7 day period). Once you go over this you can either wait or use a different DDNS host name (which, incidentally will cause the DDNS client to initially error as it gets upset you aren't using the same host name, but then everything falls into place on its next attempt). Also, seems there is an option to export your certificate too.. I might try this for next time!
- For those using https access, perhaps exclusively, yet not using the fqdn to access the web GUI = you are likely to need to force-refresh the UI quite regularly. The cause for this seems to be the mismatch in fqdn name (presumably we resources attempting to be accessed behind the scenes to build the page), and may or may not be something to do with various ad-block and anti-tracking plugins. The 100% confirmed fix is to use the correct fqdn to access the web GUI, in my case I achieved while still keeping my traffic local by inserting a manual entry a hosts file.
- Again, for those using https exclusively - turns out there's a AiProtect warning page that is displayed when AiProtect blocks some web content a client is trying to access.. though only served up via http.. ie. if you are using https only then the user doesn't see this page but instead a browser error suggesting a network issue, which doesn't help troubleshooting and false positives.