Now to answer the question...

The reason nmap is reporting the host is down is probably because of the type of ping it's been told to use. By default, nmap when run through nmapfe will ICMP ping the target, but Linux pings use UDP by default. This sounds to me like the host isn't totally firewalled, and does allow certain types of traffic to pass.