Without seeing a packet capture showing the context in which the firewall dropped the RST-ACK it is not possible to determine why it was dropped. Please provide a capture as well as the actual drop log card for this.
It is also possible that you are running afoul of the IPS Core Activation "Spoofed Reset", is that signature enabled in your environment?
Also any chance that there is a duplicate IP address assigned for the client? Is the RST-ACK packet coming from the same Layer 2 MAC address involved with the successful connection packets?
New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com