Samba share not accessible from other subnets

0 votes
1 answer
1187 views
Thanks for taking a look at my issue and thinking with me for a solution.

I have a samba server on a subnet 172.23.3.55/23 (2.0 --> 3.255) and within that subnet I can access the server no problem. Also the 172.23.4.0/23 subnet that lives on the same Core Switch can access the server no problem. Even our Office Subnet 129.228.114.0/23 can access the system through the firewall with no issue.

But when I connect to our VPN network, 172.23.45.0/24, or when I come from a different office with totally different ranges, I cannot access the server. The server responds, and I need to log in, but the login is always rejected.

Here is my [global] and [share] section of the smb.conf:

    workgroup = localdomain.nmc
    netbios name = AMS-QTGW02
    server string = %h server (Samba %v)
    # hosts allow = 172.23.202.0/24 172.23.45.0/24 129.228.114.0/23 129.228.70.0/24 129.228.109.42 129.228.109.83
    force user = nobody
    force group = nobody
    force create mode = 0666
    force directory mode = 0777
    create mode = 0666
    directory mode = 0777
    guest account = vimn
    security = user
    passdb backend = tdbsam
    ntlm auth = yes
    log file = /var/log/samba/log.%m
    log level = 2 passdb:5 auth:5
    max log size = 50M

    #Performance Tuning:
    use sendfile = true
    kernel oplocks = no
    strict locking = no

    # macOS files
    veto files = /.DS_Store/.AppleDesktop/.AppleDB/.AppleDouble/.Temporary Items/
    delete veto files = yes

    printing = cups
    printcap name = cups
    load printers = no
    cups options = raw

    [AMS-HATCH]
    comment = HATCH Storage Share (AutoCleaned 30 Days)
    path = /quantum/AMS-HATCH
    browseable = yes
    writable = yes
    guest ok = yes
    force user = nobody
    force group = nobody
    valid users = @LinuxAdmins, vimn, mll

As you can see I hashed out the line "hosts allow" so that all IPs can access them; later when all is working I would like to limit access through that (or "hosts deny"). The credentials are checked already multiple times, and they are entered correctly.

I read something about samba-winbind for non-domain servers to be disabled, but I did not install it. Is there a setting I don't know about that I miss or should use?

In the log file of this session I have this:

    [2018/02/19 11:21:07.724423, 5] ../source3/auth/server_info_sam.c:122(make_server_info_sam)
      make_server_info_sam: made server info for user vimn -> vimn
    [2018/02/19 11:21:07.724461, 3] ../source3/auth/auth.c:249(auth_check_ntlm_password)
      check_ntlm_password: sam authentication for user [vimn] succeeded
    [2018/02/19 11:21:07.724516, 5] ../source3/auth/auth.c:292(auth_check_ntlm_password)
      check_ntlm_password: PAM Account for user [vimn] succeeded
    [2018/02/19 11:21:07.724537, 2] ../source3/auth/auth.c:305(auth_check_ntlm_password)
      check_ntlm_password: authentication for user [vimn] -> [vimn] -> [vimn] succeeded
    [2018/02/19 11:21:07.725216, 5] ../source3/passdb/pdb_interface.c:1749(lookup_global_sam_rid)
      lookup_global_sam_rid: looking up RID 513.
    [2018/02/19 11:21:07.725264, 5] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid)
      pdb_getsampwrid (TDB): error looking up RID 513 by key RID_00000201.
    [2018/02/19 11:21:07.725300, 5] ../source3/passdb/pdb_interface.c:1825(lookup_global_sam_rid)
      Can't find a unix id for an unmapped group
    [2018/02/19 11:21:07.725317, 5] ../source3/passdb/pdb_interface.c:1535(pdb_default_sid_to_id)
      SID S-1-5-21-3363938291-73671434-3978610123-513 belongs to our domain, but there is no corresponding object in the database.

Password is authenticated correctly, but still the connection is cut off.

Thanks a lot people.

edit: added the log section.
Asked by SHLelieveld (443 rep)
Feb 19, 2018, 10:37 AM
Last activity: Jan 3, 2025, 12:31 PM