My connectivity is as shown below.
Internet ----- FW------ Wing-FTP.
Since Wing FTP is using a private IP, I am doing NAT on the firewall. HTTPS and SFTP both work with NAT, but FTPS doesn't seem to work. During session establishment, it tries to send its real IP, which is not routable over the Internet. How can I get around this issue? Below is the scrubbed session log from a FileZilla client.
Status: Resolving address of sftp.xxxx.com
Status: Connecting to x.x.x.x:990...
Status: Connection established, initializing TLS...
Status: Verifying certificate...
Status: TLS/SSL connection established, waiting for welcome message...
Response: 220 Welcome to Wing FTP
Command: USER xxxxx
Response: 331 Password required for xxxxx
Command: PASS ********
Response: 230 User xxxxx logged in.
Response: 215 UNIX Type: L8
Response: 211-Extension supported
Response: MDTM YYYYMMDDHHMMSS;filename
Response: AUTH SSL
Response: AUTH TLS
Response: XCRC "filename" SP EP
Response: SITE MSG messagetext
Response: SITE PSWD oldpass newpass
Response: SITE UZIP filename.zip
Response: SITE ZIP filename.zip sourcefile1||sourcefile2||sourcefile3||...
Response: 211 End
Command: CLNT FileZilla
Response: 200 Noted.
Command: OPTS UTF8 ON
Response: 200 UTF8 OPTS ON
Command: PBSZ 0
Response: 200 Command okay. PBSZ=0.
Command: PROT P
Response: 200 Encrypting Data Channel.
Status: Retrieving directory listing...
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I
Response: 227 Entering Passive Mode (172,22,22,22,4,0)
Status: Server sent passive reply with unroutable address. Using server address instead.
Error: GnuTLS error -53: Error in the push function.
Error: Connection timed out
Error: Failed to retrieve directory listing
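
An added diagnostic example, not part of the original post and not Wing FTP or FileZilla code: it decodes the 227 passive reply from the log above into the advertised address and data port and flags an address that is not globally routable. The function names and the constructed sample (lines copied from the scrubbed log) are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: lines copied from the scrubbed FileZilla log in the post.
SESSION_LOG = """\
Status: Connection established, initializing TLS...
Command: PROT P
Response: 200 Encrypting Data Channel.
Response: 227 Entering Passive Mode (172,22,22,22,4,0)
Status: Server sent passive reply with unroutable address. Using server address instead.
Error: Connection timed out
"""

# 227 reply format: (h1,h2,h3,h4,p1,p2) -> IP h1.h2.h3.h4, port p1*256 + p2
PASV_RE = re.compile(r"\b227\b[^(]*\(" + ",".join([r"(\d{1,3})"] * 6) + r"\)")


def parse_pasv(line):
    """Decode a 227 reply into (ip, port); return None for any other line."""
    m = PASV_RE.search(line)
    if not m:
        return None
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PASV field out of range: %r" % line)
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    return ip, fields[4] * 256 + fields[5]


def diagnose(log_text):
    """Return one finding per passive reply found in a client session log."""
    # With TLS on the control channel the 227 reply is encrypted in transit,
    # so a NAT device on the path cannot see or rewrite the address in it.
    encrypted = "initializing TLS" in log_text or "AUTH TLS" in log_text
    findings = []
    for line in log_text.splitlines():
        parsed = parse_pasv(line)
        if parsed is None:
            continue
        ip, port = parsed
        findings.append({
            "advertised_ip": str(ip),
            "data_port": port,              # port the client dials next
            "unroutable": not ip.is_global,  # RFC 1918, CGNAT, loopback, ...
            "encrypted_control": encrypted,
        })
    return findings
```

For the log above this reports data port 1024 on 172.22.22.22: the client falls back to the server's public address, so the timeout is on the connection to that decoded data port.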