04-20-2011 11:21 AM - edited 03-11-2019 01:24 PM
I have an ASA that protects a number of inside VLANs. Lately, with the increasing number of 2008 servers we deployed, I found that more and more I need to allow protocol 41 traffic from one inside VLAN to another.
One example is that we have a Win 2008 R2 print server. Hosts on the same VLAN as the server obviously have no problem with printing, but hosts on other VLANs have issues. When I look at the logs, the only thing that was blocked by the ASA is protocol 41 traffic. It is very obvious because each time I hit the print button on a host computer, 2 deny entries are generated showing the ASA blocked protocol 41 traffic between the host and server. If I allow protocol 41 between these 2 VLANs, everything works fine.
File/print sharing has always been allowed across all of our inside VLANs, and we have no problem on any of the pre-2008 servers. These issues don't happen on all of the 2008 boxes either, only about 10% of them. Running 8.31 on the ASA. All hosts are on public IPs so we don't do NAT. All hosts are using either DHCP or static IPv4 addresses.
Has anyone else experienced this, and what are you doing about it? Thanks
04-20-2011 11:42 AM
Hi,
Protocol 41 is 6to4 tunneling, which is automatic IPv6 tunneling.
Regards.
Alain.
04-20-2011 12:09 PM
So how does allowing protocol 41 traffic affect existing IPv4 access rules?
For example, if I only permit the host VLAN to access the server VLAN over port 80, and I then enable protocol 41 from the host VLAN to the server VLAN, will the host VLAN have full access to the server VLAN?
Thanks
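An added example, not part of any post in this thread: IP protocol 41 means the IPv4 payload is a complete IPv6 packet, so this Python code parses a constructed sample to show which fields sit in the outer IPv4 header and which (including the TCP port) exist only inside the tunnel. The addresses, ports and function names are assumptions chosen for illustration.

```python
import struct
from ipaddress import IPv4Address, IPv6Address

def build_sample() -> bytes:
    """Constructed packet: IPv4 (protocol 41) > IPv6 > TCP SYN to port 445."""
    tcp = struct.pack("!HHIIBBHHH", 49152, 445, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    ipv6 = struct.pack("!IHBB", 6 << 28, len(tcp), 6, 64)  # next header 6 = TCP
    ipv6 += IPv6Address("2001:db8::10").packed + IPv6Address("2001:db8::20").packed
    total = 20 + len(ipv6) + len(tcp)
    # Checksum left at 0: this parser does not validate it.
    ipv4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 41, 0,
                       IPv4Address("192.0.2.10").packed,
                       IPv4Address("198.51.100.20").packed)
    return ipv4 + ipv6 + tcp

def outer_view(pkt: bytes):
    """Fields visible in the IPv4 header alone, plus the raw payload."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    outer = {"src": str(IPv4Address(pkt[12:16])),
             "dst": str(IPv4Address(pkt[16:20])),
             "protocol": pkt[9]}
    return outer, pkt[ihl:]

def inner_view(payload: bytes):
    """Fields of the encapsulated IPv6 packet (extension headers not walked)."""
    if len(payload) < 40 or payload[0] >> 4 != 6:
        raise ValueError("payload is not an IPv6 packet")
    inner = {"src": str(IPv6Address(payload[8:24])),
             "dst": str(IPv6Address(payload[24:40])),
             "next_header": payload[6]}
    if inner["next_header"] in (6, 17) and len(payload) >= 44:  # TCP or UDP
        inner["src_port"], inner["dst_port"] = struct.unpack("!HH", payload[40:44])
    return inner

def describe(pkt: bytes):
    """Return (outer, inner); inner is None unless the outer protocol is 41."""
    outer, payload = outer_view(pkt)
    inner = inner_view(payload) if outer["protocol"] == 41 else None
    return outer, inner

if __name__ == "__main__":
    outer, inner = describe(build_sample())
    print("outer IPv4 header:", outer)
    print("inner IPv6 packet:", inner)
```

The outer header carries only the two IPv4 addresses and the protocol number 41; the destination port appears only after the encapsulated IPv6 header is parsed.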