I am getting the PCI scan failure below on my web server. We have tried several solutions, but nothing seems to work. Our vendor needs to use FTP over SSL to connect to this server. They are using FTPS with TLS required to connect. Since the standard FTPS port is disallowed by PCI, we have been using port 2112. With our latest scan, apparently this port is no longer allowed due to this reported issue. We have plain text logins turned off and TLS is required on this port (although the scan does not see this as true). "Unencrypted authentication is allowed prior to TLS negotiation. The service running on this port appears to make use of a plaintext (unencrypted) communication channel. The PCI DSS forbids the use of such insecure services/protocols. Unencrypted communication channels are vulnerable to the disclosure and/or modification of any data transiting through them (including usernames and passwords), and as such the confidentially and integrity of the data in transit cannot be ensured with any level of certainty. Transition to using more secure alternatives such as SSH instead of Telnet and SFTP in favor of FTP, or consider wrapping less secure services within more secure technologies by utilizing the benefits offered by VPN, SSL/TLS, or IPSec for example. Also, limit access to management protocols/services to specific IP addresses (usually accomplished via a "whitelist") whenever possible." Any suggestions are appreciated.