Cisco ASA 5510 needs "clear arp" periodically to reach a single host

arp, cisco, cisco-asa, vlan

ASA 9.0(3)

The symptom is that I can ping from the ASA to any other host in that interface's subnet, save one particular host (that host can ping the interface on the ASA however). If I do "clear arp FooInterface" I'll be able to ping the host for a few minutes (varies, but < 10), then it won't work until I re-issue the command.

sho arp on the ASA shows the correct MAC for the host, arp -a on the host shows the correct MAC for the ASA's interface.

This subnet is on a VLAN, none of the other VLANs on this physical interface have this problem.

Any ideas what's causing this?

=== edit ===

As requested, show arp for the IP when communication works:

ykf-fw-1# sho arp | include 10.10.40.36
Infrastructure 10.10.40.36 90e6.ba8c.1828 363

and when it doesn't:

ykf-fw-1# sho arp | include 10.10.40.36
Infrastructure 10.10.40.36 90e6.ba8c.1828 144

=== edit #2 ===

A ping from the ASA:

ykf-fw-1# ping 10.10.40.36
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.40.36, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)

the host sees this via tcpdump:

[root@ykf-nas-2] ~# tcpdump -i vlan1 host 10.10.40.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan1, link-type EN10MB (Ethernet), capture size 65535 bytes
22:01:17.563705 IP 10.10.40.1 > 10.10.40.36: ICMP echo request, id 17480, seq 25146, length 80
22:01:17.563719 IP 10.10.40.36 > 10.10.40.1: ICMP echo reply, id 17480, seq 25146, length 80
22:01:19.561476 IP 10.10.40.1 > 10.10.40.36: ICMP echo request, id 17480, seq 25146, length 80
22:01:19.561490 IP 10.10.40.36 > 10.10.40.1: ICMP echo reply, id 17480, seq 25146, length 80
22:01:21.561253 IP 10.10.40.1 > 10.10.40.36: ICMP echo request, id 17480, seq 25146, length 80
22:01:21.561267 IP 10.10.40.36 > 10.10.40.1: ICMP echo reply, id 17480, seq 25146, length 80
22:01:23.561107 IP 10.10.40.1 > 10.10.40.36: ICMP echo request, id 17480, seq 25146, length 80
22:01:23.561120 IP 10.10.40.36 > 10.10.40.1: ICMP echo reply, id 17480, seq 25146, length 80
22:01:25.560906 IP 10.10.40.1 > 10.10.40.36: ICMP echo request, id 17480, seq 25146, length 80
22:01:25.560920 IP 10.10.40.36 > 10.10.40.1: ICMP echo reply, id 17480, seq 25146, length 80

(and pings from the host to the ASA work as expected).

[edit Feb 17] I've been back and forth with Cisco TAC for the last month. Upgraded to 9.1(5), same problem. The support rep took packet captures from the ASA, the host and the L2 switch connecting them, and is supposed to get back to me at some point. He claims he's never seen anything like this and thinks it might have something to do with the VLAN encapsulation between the switch and the ASA (this problem doesn't happen to subnets on the ASA's native interface).

Best Answer

The problem ended up being an older firewall kept being attached to the network by a different team, several network devices away. So those of you who said "duplicate IP" were correct.
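The diagnosis that finally explained the thread's symptom, a second device answering for an address on the segment, is something you can confirm from a capture taken on the host or the switch rather than waiting for TAC. The script below is an added example and is not code from the thread or from Cisco: it parses the output of `tcpdump -n -e arp` (the `-e` flag is needed so the Ethernet source MAC of every ARP request is printed, not only the `is-at` address in replies), records every IP-to-MAC binding it sees, and reports any IP claimed by more than one MAC, including gratuitous ARP announcements. The embedded capture lines are constructed, not taken from the page; they assume the stale firewall was answering for the ASA's own interface address 10.10.40.1 (the accepted answer only says "duplicate IP", not which address) and use locally administered MACs 02:00:00:00:00:01 and 02:00:00:00:00:02 as stand-ins for the two firewalls. The MAC 90:e6:ba:8c:18:28 is the host's MAC from the question's `show arp` output, and `cisco_mac_to_colon` converts the ASA's `xxxx.xxxx.xxxx` notation so the cached entry can be checked against what is actually on the wire.

```python
"""Find IPs claimed by more than one MAC in a 'tcpdump -n -e arp' capture.

Added example, not from the original thread. Run it on the host that cannot
be reached, or on a SPAN port of the switch, while the problem is occurring.
"""
import re
from collections import defaultdict

# Constructed sample capture (not from the page). Scenario assumed here: two
# devices answer ARP for 10.10.40.1, and one of them also sends a gratuitous
# ARP announcement for it. 90:e6:ba:8c:18:28 is the host MAC from the thread.
SAMPLE_CAPTURE = """\
22:01:17.563705 90:e6:ba:8c:18:28 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.10.40.1 tell 10.10.40.36, length 28
22:01:17.563800 02:00:00:00:00:01 > 90:e6:ba:8c:18:28, ethertype ARP (0x0806), length 60: Reply 10.10.40.1 is-at 02:00:00:00:00:01, length 46
22:01:17.563912 02:00:00:00:00:02 > 90:e6:ba:8c:18:28, ethertype ARP (0x0806), length 60: Reply 10.10.40.1 is-at 02:00:00:00:00:02, length 46
22:01:20.000000 02:00:00:00:00:02 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.10.40.1 tell 10.10.40.1, length 46
22:01:25.000000 02:00:00:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.10.40.36 tell 10.10.40.1, length 46
"""

# One 'tcpdump -n -e arp' line captured on an untagged (or VLAN sub-)interface,
# either "Request who-has T tell S" or "Reply IP is-at MAC".
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[0-9a-f:]{17}) > (?P<dst>[0-9a-f:]{17}), "
    r"ethertype ARP \(0x0806\), length \d+: "
    r"(?:Reply (?P<rip>\d+(?:\.\d+){3}) is-at (?P<rmac>[0-9a-f:]{17})"
    r"|Request who-has (?P<target>\d+(?:\.\d+){3}) tell (?P<sender>\d+(?:\.\d+){3}))"
)


def cisco_mac_to_colon(mac):
    """Convert Cisco 'xxxx.xxxx.xxxx' notation to the colon form tcpdump prints."""
    digits = mac.replace(".", "").lower()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_arp_lines(lines):
    """Return (timestamp, ip, mac, kind) for every ARP binding seen.

    Replies bind the advertised IP to the is-at MAC. Requests bind the sender
    IP ("tell S") to the Ethernet source MAC; a request whose target equals its
    sender is a gratuitous announcement, which is exactly what a newly attached
    device with a conflicting address tends to send.
    """
    records = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not ARP, or a format this example does not handle
        if m.group("rip"):
            records.append((m.group("ts"), m.group("rip"), m.group("rmac"), "reply"))
        else:
            kind = "gratuitous" if m.group("target") == m.group("sender") else "request"
            records.append((m.group("ts"), m.group("sender"), m.group("src"), kind))
    return records


def macs_for(records, ip):
    """All MACs observed claiming the given IP."""
    return {mac for _ts, rip, mac, _kind in records if rip == ip}


def find_conflicts(records):
    """Map each IP claimed by more than one MAC to {mac: first_seen_timestamp}."""
    seen = defaultdict(dict)
    for ts, ip, mac, _kind in records:
        seen[ip].setdefault(mac, ts)  # keep the first sighting per MAC
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}


if __name__ == "__main__":
    recs = parse_arp_lines(SAMPLE_CAPTURE.splitlines())
    for ip, macs in sorted(find_conflicts(recs).items()):
        print(f"DUPLICATE {ip}:")
        for mac, first in macs.items():
            print(f"  {mac} first seen {first}")
    # Cross-check a cached ASA entry against the wire, as the question did by hand.
    cached = cisco_mac_to_colon("90e6.ba8c.1828")
    print("ASA cache for 10.10.40.36 matches capture:", cached in macs_for(recs, "10.10.40.36"))
```

On a live system replace `SAMPLE_CAPTURE` with `tcpdump -n -e -l -i vlan1 arp` piped into `parse_arp_lines(sys.stdin)`. Because the binding table keeps the first timestamp per MAC, the report also tells you when the second claimant appeared, which is the figure to line up against the "works for a few minutes after clear arp" window in the question.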
