Kent Polk wrote:
If we could simply solve this problem by replacing our active ftp clients with passive ones, it would be great, but it still doesn't solve the problem of clients *elsewhere* which are running behind a firewall and attempting to contact our server...
One possible way to solve this is to use an FTP proxy. A quick search at freshmeat.net yielded: http://www.mcknight.de/jftpgw/
And here I thought active ftp clients had gone by the wayside years ago, considering the problem they have with firewalls... Solaris, RedHat, and NT still have active ftp clients by default, which are the main clients boxes which will be hitting the server.
Passive mode is indeed more compatible--all the browsers I've used make passive connections and don't even provide an "active" option. Shane