I have a Cisco ASA 5505 with the unlimited client license. Under normal circumstances all clients (about 50 total) on the LAN can access the Internet and ping the router's private interface.
We've been experiencing frequent Internet problems on the clients. The clients (Windows PCs) will lose Internet access and are no longer able to ping the router's private interface (but they can ping and connect to other Internal PCs); however it will be one or two clients at a time i.e. other clients and servers can still access the Internet. The problem occurs up to 4 or 5 times an hour for some people.
The "outage" lasts for between 30 seconds and 3 minutes usually. It's almost as if the router is choosing to block certain IPs for no apparent reason; I don't see anything in the logs, anti-spoofing is turned on, and anti-scanning protection was been turned off.
I'm not an expert with ASAs, so I'm hoping someone can point me towards the answer here.