It'd probably be best if you could post a LAN trace, preferably of both
sides taken a the same time, showing the problem. For example:

Code:
sudo /usr/sbin/tcpdump -n -s 0 -i any -w /tmp/lan.cap
While running that on both sides, do the test as described below, then
post the resulting /tmp/lan.cap file somewhere for review. While getting
the data from one side only may be helpful, having both is really the best
way.

The problem kind of sounds like an ARP issue. Having the firewall
shouldn't matter, and generally speaking it should be up so that may be
worth doing (after allowing desirable services like SSH and SAP), but
either way should work.

Perhaps post the output of the following from the client and server sides
before and after fixing the issue:

Code:
ip neigh
--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...