This article discusses the limitation and support when using FTP via NAT in NSX-T
Symptoms: When using Active FTP Client behind NAT in NSX-T, user may able to login FTP server but unable to retrieve data.
Environment
VMware NSX-T Data Center
Cause
The issues with Active FTP arise from the fact that after the control session is opened by the client, the server needs to open a second data connection using a different source and destination port. In NSX-T, FTP payload data is not translated beyond NAT. And this feature is not on the roadmap due to security concerns.
Resolution
None
Workaround: Configure a 1:1 NAT rule for FTP client and choose FTP software that support public IP address in settings such as FileZilla .