Windows cannot access \\filesystemid\share

Hello,

I was wondering if anyone could provide some guidance. I've got a share built in us-east-1. There is a trust between my on prem domain and the managed ad fsx is joined to. The "Everyone" group and my specific user account from the on prem domain have full permissions on the share. According to this post, it seems the share should be accessible via VPN: https://aws.amazon.com/about-aws/whats-new/2019/02/amazon-fsx-for-windows-file-server-now-supports-on-premises-access/

However, when I attempt to connect to the share from an on prem machine in the trusted domain with my user account, I receive the following error message

"windows cannot access \filesystemid.managedad.com\share Check the spelling of the name. Otherwise there might be a problem with your network..."

There's no issue with network connectivity, VPN is up, routes are there, SGs are allow all from the on prem subnet, NACLs are allow all inbound and outbound, host based firewalls are off and network based firewalls are allow all outbound, I can resolve host names in the managed ad via my on prem forwarder (including the IP of the filesystem), I can ping and rdp into stuff in the same subnet, heck even my VPC flow logs for the FSX network interface show Accepts from my on prem host to the fsx eni on ports 445, 139, and 120.

Despite all this, I get the above error when attempting to use the share, and I cannot telnet to the IP of the share on port 445 from my on prem machine. Telnet to the same port and IP from within the subnet works. Again, there is nothing but Accepts in my flow logs. It seems like it has to be fsx dropping the traffic? What am I missing?

Any help would be greatly appreciated.