domain trust
I am setting up an environment that consists of 2 forests that need a trust relationship set up between them.
Domain A consists of a controller running Windows 2003 and is sitting behind a firewall which is open for testing purposes.
Domain B is connected directly to an ISP providing a static IP, and there is no firewall in question.
I have created secondary DNS zones in each domain. I am able to successfully ping the DCs between the two domains.
When I go to the Active Directory Domains and Trusts section and try to create the trust, I get the error message:
"the Local Security Authority is unable to obtain a RPC connection to the domain controller dc_name.domainB.com. Please check that the name can be resolved and that the server is available."
The server is available, and since the domain controllers can ping each other I know that there is a connection. I checked the port that RPC is running on and it is port 135.
I am not able to telnet to port 135 from domain controller A to domain controller B and vice versa. I believe that this is the cause of the problem. I have checked to make sure that the network firewall is permitting traffic on port 135,
and the Windows firewall has been turned off as well.
I see that both servers are listening on port 135 and I can get a response if I use the command telnet localhost 135.
Are there any security features that make this port inaccessible to incoming connections from unknown hosts?
I am not sure why I am not able to connect on port 135 between the domain controllers. I have also made sure that the forest and domain levels are running at the Windows 2003 level.
September 29th, 2010 6:50pm
The problem is most likely due to the firewall rule base. Check your firewall logs for drops.
Visit: anITKB.com, an IT Knowledge Base.
September 29th, 2010 6:53pm
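Added example, not part of the original thread: a firewall policy evaluates ICMP echo and TCP 135 separately, so a successful ping does not show that the RPC port is reachable. The PowerShell function below (the name `Test-TcpPort` and the 3-second timeout are assumptions made for this example) reports whether a connection attempt completed, was actively refused, or went unanswered, the last being what a silent firewall drop looks like from the client.

```powershell
# Added example. Classifies one TCP connection attempt so a silent firewall drop
# can be told apart from an active refusal or a name-resolution failure.
function Test-TcpPort {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [int]$Port = 135,          # RPC endpoint mapper, the port named in the post
        [int]$TimeoutMs = 3000     # assumed timeout; raise it on slow links
    )
    $client = New-Object System.Net.Sockets.TcpClient
    $state  = 'Error'
    $detail = ''
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if ($async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            $client.EndConnect($async)      # throws if the handshake failed
            $state  = 'Open'
            $detail = 'TCP handshake completed'
        } else {
            # Neither SYN/ACK nor RST came back: packets are being dropped on the path.
            $state  = 'Filtered'
            $detail = "no reply within $TimeoutMs ms"
        }
    } catch {
        $ex = $_.Exception.GetBaseException()
        $detail = $ex.Message
        if ($ex -is [System.Net.Sockets.SocketException]) {
            switch ($ex.SocketErrorCode.ToString()) {
                'ConnectionRefused' { $state = 'Refused' }   # RST: host reached, port closed or rejected
                'HostNotFound'      { $state = 'NameError' } # DNS problem, not the firewall
                'TimedOut'          { $state = 'Filtered' }
                default             { $state = 'Error' }
            }
        }
    } finally {
        $client.Close()
    }
    New-Object PSObject -Property @{
        Target = "${ComputerName}:$Port"; State = $state; Detail = $detail
    } | Select-Object Target, State, Detail
}

# Baseline against the local listener, as in the post's "telnet localhost 135".
Test-TcpPort -ComputerName 'localhost' -Port 135
# Then the remote DC; the name is the redacted placeholder from the quoted error message.
Test-TcpPort -ComputerName 'dc_name.domainB.com' -Port 135
```

Run it from each domain controller toward the other, since the post reports the failure in both directions, and compare any `Filtered` result with the firewall's drop log for the same timestamp. Port 135 is the RPC endpoint mapper, which refers clients to a second, dynamically assigned port, so an `Open` result on 135 alone does not prove the whole RPC exchange can cross the firewall.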
We have already talked to Juniper Firewall support a couple of times today.
We are using a Juniper SSG-5 router.
September 29th, 2010 6:58pm