vsftpd + NAT causing failed connections

Hello
I've been searching all over the place and i haven't quite been able to solve my problem. I'm running vsftpd on several debian boxes behind a firewall and i am using NAT. I have ports 20 and 21 open. All services on these machines work perfectly except ftpd.

if i ssh onto any machine behind this firewall, i can
ftp localhost
ftp private address
ftp hostname
and connect sucessfully

but i cannot ftp to the public IP address, even if it's the IP of the machine i'm on. I'm not sure if the problem is firewall or server configuration, but i'm really leaning towards the server. problem is, I'm not even getting any messages in the log files when i try to connect to these machines via public IP, so the request seems to never make it to the machine. I have been assured repeatedly by other admins that the firewall is properly configured, so i'm working on the software side of things.

here's what i've done:

vsftpd is set to run standalone.

connect_from_port_20=YES
hide_ids=YES
pasv_enable=YES
pasv_min_port=5001
pasv_max_port=5005
pasv_address= ?

i've tried to set the pasv_address to both the public ip and the private ip, but with no luck at all. Bear in mind that isn't the entire config, just the parts that i feel might play a part in this problem.
i have both the public and private IP addresses in my /etc/hosts file, that seems to make no difference at all.

i'd appreciate any help in this matter, i really need access to these machines.
thanks in advance,
capt.

Is your NAT box running Linux? If so, is CONFIG_IP_NF_FTP enabled in that kernel? If you're trying to NAT FTP, it needs to be.

If the box isn't running Linux, there will probably be some other kernel option in that particular kernel to manage FTP over NAT.

It's a pretty common problem (well, among people who actually NAT FTP servers), so it came to my mind first.

Colin