Second Domain AD not visible from Firebox
We have an M400 device which is set up fine within our domain through Interface 1. All machines are fine and we have AD Authentication set up from the device which works perfectly fine as well.
We are now merging with another company and need to add a second domain to our network. We have linked this to Interface 2 and configured it as a Trusted interface (it feeds to another firewall which has a VPN to the other company). In general this works fine. Ports are opened and clients on Interface 1 and 2 can communicate, and we can join the second domain from our original interface fine and ping the new domain's AD server as well.
For some reason the Firebox is unable to access the new domain's AD server by IP, either through Ping, Tracert or when testing the authentication to this server from the web interface - error "Connect to server: Failed (can't connect to 10.161.13.10[server is down or unreachable])" and Ping fails with 100% failure.
If I have a machine on interface 1 and join the new domain I can join fine and ping the server fine from the client device without issue.
The IP of the AD server is part of the route which goes through Interface 2. I have not set up any NAT rules for this IP range as they will not be accessing the web through our WatchGuard device.
Worth noting that our subnet and the new subnet are part of the same larger class A range (we have 10.161.64.0/18 and they have 10.161.0.0/18).
We have a rule to allow all required ports from Interface 1 to Interface 2 for domain authentication, DNS, RADIUS and some other ports, which seems to work fine for clients. We have also added the Firebox itself to this rule (alias: Firebox).
Does anyone have any ideas on this?
Sorry for the wall of text!
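As an added illustration of the first thing to rule out here (not code from the original post or from WatchGuard): a small longest-prefix-match simulator built on Python's `ipaddress` module. The two /18 prefixes and the AD server address 10.161.13.10 are the ones given in the post; the interface names and the default route are assumptions. It checks which interface a given destination resolves to, whether the two connected prefixes overlap (overlap would cause asymmetric routing), and what the smallest common aggregate of the two ranges is, so it is clear that "same class A" on its own does not make them collide.

```python
import ipaddress

# Route table reconstructed from the post. The /18 prefixes are the poster's;
# the interface labels and the 0.0.0.0/0 default route are assumptions.
ROUTES = [
    ("10.161.64.0/18", "Interface 1 (our domain)"),
    ("10.161.0.0/18", "Interface 2 (merged company, via second firewall)"),
    ("0.0.0.0/0", "External (assumed default route)"),
]


def parse_routes(routes):
    """Turn (prefix, interface) strings into (ip_network, interface) tuples.
    strict=True rejects a prefix with host bits set, a common typo in routes."""
    return [(ipaddress.ip_network(p, strict=True), iface) for p, iface in routes]


def lookup(dest, routes=ROUTES):
    """Longest-prefix match: return (matching prefix, interface) for dest,
    or None if nothing matches (only possible without a default route)."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, iface in parse_routes(routes):
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return None if best is None else (str(best[0]), best[1])


def overlapping_prefixes(routes=ROUTES):
    """Return pairs of non-default prefixes that overlap each other.
    Two connected networks that overlap are a classic cause of a box
    reaching a host only from one of its interfaces."""
    nets = [n for n, _ in parse_routes(routes) if n.prefixlen > 0]
    pairs = []
    for i in range(len(nets)):
        for j in range(i + 1, len(nets)):
            if nets[i].overlaps(nets[j]):
                pairs.append((str(nets[i]), str(nets[j])))
    return pairs


def common_supernet(prefix_a, prefix_b):
    """Smallest single prefix that contains both networks, found by
    widening prefix_a one bit at a time until it covers prefix_b."""
    a = ipaddress.ip_network(prefix_a)
    b = ipaddress.ip_network(prefix_b)
    for plen in range(min(a.prefixlen, b.prefixlen), -1, -1):
        candidate = a.supernet(new_prefix=plen)
        if b.subnet_of(candidate):
            return str(candidate)
    return "0.0.0.0/0"


if __name__ == "__main__":
    ad_server = "10.161.13.10"  # the AD server IP quoted in the post
    print("AD server", ad_server, "->", lookup(ad_server))
    print("Overlapping prefixes:", overlapping_prefixes() or "none")
    print("Common aggregate:", common_supernet("10.161.64.0/18", "10.161.0.0/18"))
```

If this resolves 10.161.13.10 to Interface 2 and reports no overlap, which it does for the prefixes as posted, then the Firebox's forwarding decision is not the problem and the search moves to how the box treats its own traffic: the policy that covers Firebox-originated packets (the post says the Firebox alias was added to the Interface 1 to Interface 2 rule, but traffic sourced by the box itself leaves from the interface the route selects, so it may not match a rule written for Interface 1 as the source) and the return path on the second firewall for packets whose source is the Firebox's Interface 2 address.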