John, I have run into somewhat the same situations. As someone else said, FTP-TLS and firewalls do not play nicely with each other. Primarily, some firewalls do what is called "stateful inspection". The client always (unless told to differently) tries to open the command channel to port 21 on the server side. The problem during ssl negotiation is that the firewall on one side of the firewall is trying to validate the ftp traffic across the port connection.
Verify with your firewall folks if they are doing "stateful inspection" (if your using Checkpoint NG firewall, the service def for port 21 will have protocol = FTP). If they are, have them change the rule to turn that off. If they are not doing stateful inspection, talk to the folks on the other end of your connection, to verify they are not doing that. Pete ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
