Occasionally, I stop being able to access our Exchange server from my PC. Just my PC - everyone else carries on without incident, but I can't ping the Exchange box, log in with Outlook or get to the OWA page (also hosted on the same server).
This behaviour would persist for a few minutes, or until I rebooted. Based on that, I grabbed a copy of my ARP cache while the Exchange box was being unresponsive (to me, anyway), to discover that the MAC address of the Exchange box (Exchange 2007, running on VMWare) had been replaced by that of the LAN interface on our firewall.
Clearing the ARP and DNS caches resolved the problem, but I've got no idea why this is happening in the first place - my PC and the Exchange box are both on the same subnet and the default gateway is another address entirely, so the firewall (a PIX 515E) shouldn't see any Exchange-bound traffic from my PC in the first place, much less be answering ARP requests for the Exchange server.
It's not a major problem now that I know what's going on, but it's baffling the hell out of me. Does anyone have any idea what might be going on here?
It sounds like a problem with proxy ARP at the firewall (even though it shouldn't). I'm assuming the Pix is doing proxy ARP for the Exchange server for inbound traffic from the internet. For some reason it sounds like the firewall is doing proxy ARP for internal traffic as well. When the problem occurs, try running a tracert to the internal ip address of the Exchange server and see if it's going through the firewall for some reason.