alright, i found a way to solve the issue,
i activated NAT between vlan 10 and management Vlan.
so when the client try to reach the web admin, the traffic flow inside the vlan 10 and then the packets are sent throught the management vlan to catch the AP, packets are nated with the ip adress of the management vlan 's gateway.
And now it works,
the explanation might be this :
till the source ip of the host client is known inside the aruba AP.
client send frame through the AP to the firewall to reach the gateway.
then the packets goes into the management vlan to the AP.
the Ap match an ARP entry coresponding to the client PC and send the packet directly to the PC, Which mess up totally the TCP session and connection does not occur.
that could explain why this is now working thanks to NAT.
thank you for your help :)