here are a couple of things that i've found when setting this up....
1. Use FQDN's when specifying your service object e.g. setspn -A MSSQLSvc/Server_Name.sub_domain.root_domain.org.com:port domain\SQL_Service_Accont
2. MSDTC Configuration
On each SQL server being used for replication, perform the following steps from Start/Run dcomcnfg
Expand the “Component Services” node, then the “My Computer” node, then right-Click and select “Properties”
Select the MSDTC Tab, and select the “Security configuration…” button.
Select Network DTC Access, Allow Remote Administration, Allow Inbound, Allow Outbound, Mutual Authentication Required.