When you use a NAT (Network Address Translation) firewall, you may encounter problems when trying to use SSL encryption. A possible fix to this issue is to enter information on the Firewall - Passive Connection Settings page. The settings on this page set the file transfer host to respond to a PASV command by returning the IP address and port range of the NAT firewall. In many cases, this lets you use SSL through a NAT firewall.
To change firewall settings:
Note: If you specify an IP address and not a port, the server will use any available port above 1024, but will still use the specified IP address in the response. If you specify a port or port range and not an IP address, the server will use its own IP address and only the specified ports.