"Default Drop" of HTTPS packets on internal connection

Hi guys,

Here's another one from my workshop [;)]

I have an ASG v8 as a virtual appliance (192.168.98.254) on a ESXi host (192.168.98.1).

I can not connect to the ESXi host with VMware vSphere Client from another internal PC (192.168.98.11).

Here's a Packet Filter log:

2010:08:16-03:05:13 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK" 
2010:08:16-03:05:13 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="110" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK PSH" 
2010:08:16-03:05:16 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="110" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK PSH" 
2010:08:16-03:05:16 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK" 
2010:08:16-03:05:22 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="110" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK PSH" 
2010:08:16-03:05:22 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK" 
2010:08:16-03:05:34 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="110" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK PSH" 
2010:08:16-03:05:34 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK" 
2010:08:16-03:05:43 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK FIN" 
2010:08:16-03:05:46 vmaastaro ulogd[3728]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:e:7f:23:84:bb" dstmac="0:c:29:4a:f5:18" srcip="192.168.98.11" dstip="192.168.98.1" proto="6" length="110" tos="0x00" prec="0x00" ttl="128" srcport="3028" dstport="443" tcpflags="ACK PSH FIN" 

However, on a very rare occasion I do manage to connect just to be disconnected a couple of minutes later.

I have another ESXi host on the same network (192.168.98.2) which is working just fine...

What should I check?

Thanks in advance,

Miro