File sharing between domains over site to site VPN

[guest]

The only traffic you need to allow through the firewall is the VPN
traffic. The firewall sees only the PPTP or IPSec header. The "real" packet
is just the payload and is encypted, and cannot be examined by the firewall.
You should not have the file sharing ports open on the firewall.

Have you set up a trust between the two domains? Credentials which are
valid in one domain do not automatically work in another unless there is a
domain trust.

> We have two domains, DOMAIN1 and DOMAIN2. They each have their own
> firewall and there is a persistent VPN tunnel setup between the two.
> All traffic is allowed between the firewall and I've checked the logs
> to make sure that the issue isn't with the firewall. Going from
> DOMAIN2 to DOMAIN1 the shares work perfectly. All users (which is
> what we want) can access any UNC path share in DOMAIN1 by logging in
> with their DOMAIN1 user account. Going the other way, DOMAIN1 to
> DOMAIN2 isn't working entirely. I can access any UNC path share in
> DOMAIN2 from DOMAIN1 using my DOMAIN2 account, but that's only because
> it's a domain administrator. Any of my users that try to access
> DOMAIN2 resources from a DOMAIN1 machine are denied. What is the
> issue here? It's not an individual computer issue since my account
> will work when theirs doesn't on the exact same machine and the exact
> same share. I see a lot of Event ID: 529's in the log.
>
> Any ideas?