sorry, I don't know how much you know so don't be patronised by this but have you have tried enabling the FTP port (21) from WAN using Iptables?
There is a guide on how to do this on my wiki:
http://www.sprayfly.com/wiki/FTP_from_WAN
To keep information on the forum, rather than all on external sources, here is that page:
----------------------------------------------------------
To enable ftp from WAN, we need to configure iptables to accept some ports. This is exactly the same as what was done to enable dropbear from WAN. Type
cd /usr/local/sbin
nano post-firewall
If you want to run both dropbear and FTP over WAN, you need the following in the post-firewall file.
#!/bin/sh
#SSH and FTP access from WAN
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -t nat -A PREROUTING -i vlan1 -p tcp --dport 22 -j DNAT --to-destination $4:22
iptables -t nat -A PREROUTING -i vlan1 -p tcp --dport 21 -j DNAT --to-destination $4:21
iptables -A INPUT -j DROP
If you only want to run FTP over WAN, you need these contents
#!/bin/sh
#SSH and FTP access from WAN
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -t nat -A PREROUTING -i vlan1 -p tcp --dport 21 -j DNAT --to-destination $4:21
iptables -A INPUT -j DROP
Now we need to commit this to the internal flash memory of the WL-HDD. As the post-firewall script is in the /usr/local tree, this is straightforward.
flashfs save
flashfs commit
flashfs enable
reboot
[edit]
Testing
Note that you cannot connect to your FTP server by typing your WAN address into a terminal or browser.
Most ADSL/cable routers do not allow this.
To test your FTP server from WAN, you will either have to have a separate internet connection or go to somebody elses house/work etc.
Connect as normal but enter the WAN ip address rather than you internal LAN IP address.
To find out your WAN IP address, click here.
Note that most WAN IP addresses will change when you restart your DSL/cable router or when you disconnect and reconnect. Consider using a dynamic IP service.
--------------------------------------------------------------
Hope this may have been of some use to you!?
Jono