Its obvious I still need to learn more about FTP as well! I am afraid I was a bit confused but I believe I see the light now!
Assuming I am not allowed to turn FTP ALG back on at this time, I am pointing to the alternative until I can.
Keeping in mind this is not an FTP forum (thus pushing my luck once again), aside from opening the ftp return on port 20 (default), I would also have to open the server port minus one (n-1) for each custom non default connections as well for each server correct?
So if I had a server that to connect to it was 5001, I would need to open 5000 for the return, and so on? Is that correct?
Makes me really appreciate Passive mode for sure.
Update: I actually found a resource that explained the differences pretty well. The data will always be port 20 in Active Mode, which is what you were telling me all along ... but it wasn't sinking in.
Active FTP :
command | client >1023 -> server 21
data | client >1023 <- server 20
Passive FTP :
command | client >1023 -> server 21
data | client >1024 -> server >1023
thanks again for all your help!