After Migrating VM to AWS, cannot connect to server

I recently migrated 2 VMs to AWS EC2.
Both the new AWS VMs can ping  server1 (also AWS VM), but cannot connect to server1 in explorer.  All other workstations/servers in our domain can, including other AWS VMs that are on a different subnet.  (172.27.162,xxx is the subnet for the new VMs. Other AWS VMs on subnet connect fine).

When trying to navigate to the share, the following error occurs: "Windows cannot access \\server1\"  error code 0x80004005

Any ideas how this could be fixed?
J GAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kini pradeepDevelopment ManagerCommented:
0x80004005 refers to an unspecified error. Are the old and new VM's able to ping each other or is ICMP blocked.
what about port 445 for SMB , is that open ? and are the new VM's domain joined ? are they able to reach/ auth with the domain controllers ?

could you briefly describe the network and what works ping, tracert etc. if there are two VM's in the same subnett do they communicate with each other ?
J GAuthor Commented:
ping is successful
tracert-  1 hop from server1 to new VM
2 VMs domain are joined, they are able to reach the DCs
port 445 should be open, because all other workstations in domain can connect with server1
J GAuthor Commented:
I can also remote desktop into Server1 from the new VM.  From there I can navigate to the new VM in File explorer.  But not Vice Versa.
Exploring ASP.NET Core: Fundamentals

Learn to build web apps and services, IoT apps, and mobile backends by covering the fundamentals of ASP.NET Core and  exploring the core foundations for app libraries.

sounds like a firewall rule
J GAuthor Commented:
windows firewall is turned off.  We have on-prem firewalls.  Would I be able to find any rules in the AWS portal?
Michel SakrRounded IT Consultant / Projects manager / Cloud Consultant / IT PlanningCommented:

Since you can access within the same subnet it can be the Network ACL rules between the subnets, on both subnets if you do not have the default subnets ACLs set that allow by default all in/out then make sure you create rules to allow traffic from the IP of the external machine to that subnet, it need to be on both ACLs,

If using EC2: Also you might need to check your security group rule that the instance you are connecting from is attached to, these are stateful firewalls and since share use UDP and TCP, thus the new server might want to access your machine in a new connection try to add a full inbound access rule first from the ip of the new VM to your machine and also make sure you do the same on the SG of the new VM from yours .
If opening full access on SGs and ACLs works, then narrow down by elimination and allow only UDP ports 135 through 139 and TCP from 135 through 139 traffic to flow for best security control

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.