Core issue
In certain situations, it may be necessary to permit devices on the outside network of a PIX Firewall to log in into the NT domain controller on the inside interface. Once logged in, the outside device can access shared folders in the NT domain.
Resolution
Windows Networking uses User Datagram Protocol (UDP) port 137, UDP port 138, and Transmission Control Protocol (TCP) 139 for various Network Basic Input and Output System (NetBIOS) services needed to access folders. Configure an Access Control List (ACL) on the PIX to permit connectivity through those ports.
For more information on permitting NT domain login and authentication through a PIX, refer to these documents: