I have setup SERV-U FTP in my DMZ. Regular FTP and SFTP work fine. I have created a self signed cert within SERV-U. When I try to use FTPS in Active mode, it connects and fails when trying to pull the directory. I get a TLS negotiation error. This happens when I use several different ftp clients.
I'd try to work inside out on this. Let's start with FTP Voyager as the FTP client. Install it on the same machine as Serv-U and test your active FTPS link. Next install it on a different machine and test again. Finally, go outside the firewall and test yet again.
However, if you're going to stick with FTPS, I would look at abandoning active mode altogether and switching to passive mode. That allows you to only have to worry about inbound connections (whereas active mode requires outbound connections back to the client, which can run afoul of a second firewall).
Here's our recommended firewall configuration, using passive FTP/S data ports.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.