the client is LAN side, right? The firewall shouldn't affect it then.
If it is WAN side, you'll have to drop the 192.168./16 subnet
from the RFC/ipspoofing portion. If your LAN side, the problem
is likely in the client user being on the shared (server) machine
user base and in the hosts.allow file. I guess rpc could also be
an issue, but not likely being that you set up the client machine
correctly for sharing.