pfSense

I have a pfsense with three ports.
These are a LAN (192.168.10.0/24), a DMZ (192.168.30.0/24) and an unused WAN port.
The LAN is configured to reach all other subnets and the DMZ and the WAN are blocked by default.

Now, If I ping from a DMZ client to a LAN client it is blocked.
A ping from the LAN client to the DMZ client is successfully.
This is the behavior I expected.
But now the problem.
If I retry my first ping from the DMZ client to the LAN client directly after the ping from LAN client to the DMZ client,
it is also successfully now.
Furthermore, this ping is successfully as long as the ping tool runs.

FYI:
The prerequisite for this behavior is the same ICMP ID from the LAN client and the DMZ client!
I tested this with WIN XP clients which used the ID 512.