ESS and Vista interfering with a local HTTP box

The title kind of says it, but I'll describe the situation.

I have Linux box (Ubuntu 9.10) running Apache2, PHP and Mysql to serve Joomla. The IP is 192.168.10.12 and the hostname is Exia.

Other Linux machines on the network, as well as Windows XP boxes with ESS can get to it and ping it just fine. Vista, for whatever reason, can't. Attempting to ping it causes a timeout, the same for trying to browse to it. As soon as the firewall is disable, though? It goes through. The Vista machines can ping a Linux box without Apache/etc normally.

I'm not sure if Windows 7 will do the same thing, but I'm about to test it.

Any ideas why this is happening and how to fix it?

EDIT: Same thing with 7.

 

Does disabling the firewall in ESS make a difference?

 

I believe I mentioned that it did, but yes, turning off the firewall "solves" the problem.

 

I'd suggest enabling logging blocked connections in the IDS setup, reproducing the problem and eventually checking the firewall log for details about the rule that blocked the communication. Subsequently you can edit the rule or remove it completely and thus allow the communication. Remember to turn off the logging when you're finished so that the log doesn't fill up with tons of unnecessary entries.

 

Here's the log of trying to ping it and then access the webpage on it. It tells me... three fifths of nothing, quite frankly.

EDIT: After studying it and horsing around a bit, it seems the "Identical IP Address detected" 'error' triggers the IP being blocked for some time. If I disable "Block unsafe addresses after attack detection", it works okay.

I guess the problem still is, why is this happening, and why does it affect Vista and 7 but not XP. There's nothing weird about the Linux box, it's Ubuntu 9.10 running a standard LAMP/SSH setup.