Usman Zahid


lftp data connection returns raw ip of the ftps server in passive mode, missing domain information

I am using lftp to communicate with an FTPS server in passive mode. All of my certificates have been installed and are working properly. I am able to connect to the FTPS server and run cd to change directory. The machine (Debian) where lftp is installed is behind a NAT Gateway with strict firewall rules. The server is outside our network. When doing the initial handshake, lftp passes the domain name instead of the raw IP, which is passed by our firewall rules, and the handshake is successful.

When I try to transfer the files, the lftp data connection uses the raw IP of the server instead of the domain while making the connection. This raw IP is blocked by our firewall as it is missing SNI information.

Here is my rc file configuration (I have excluded the certificates):

set ftps:initial-prot ""
set ftp:ssl-force true
set ftp:ssl-protect-data true
set ssl:verify-certificate yes
set ftp:ssl-auth TLS
set ftp:ssl-allow true
set ftp:ssl-protect-list yes
set ftp:ssl-protect-fxp yes
set ftp:passive-mode true
set ftp:ssl-data-use-keys true
set ssl:use-sni true

The command I am using to connect with lftp:

lftp -d -e 'debug 13' 'ftps://username:password@domain'

Logs from the above command and a cd to the path, with private information hidden:

---- Resolving host address...
---- 1 address found: ip
lftp username@domain:~> cd test
---- dns cache hit
---- attempt number 1 (max_retries=1000)
---- Connecting to domain (ip) port 990
GNUTLS: HSK[0x55b8eb5eebe0]: CLIENT HELLO was queued [363 bytes]
GNUTLS: HSK[0x55b8eb5eebe0]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag cd ok, cwd=/test

and then when I put a file on the path:

username@server:/test> put file.txt
FileCopy(0x55b8eb612590) enters state INITIAL
FileCopy(0x55b8eb612590) enters state DO_COPY
opened FD 5 (/home/file.txt)
---> TYPE I
<--- 200 Type Binary
---> MODE Z
<--- 200 MODE Z ok
---> PASV
<--- 227 Entering Passive Mode (ip,44,94)
---- Connecting data socket to (ip) port 11358
---- Data connection established
0:0 translated to pair 0:0 (0,0)
0 translated to pair 0:0 (0,0)
0:0 translated to pair 0:0 (0,0)
0 translated to pair 0:0 (0,0)
0:0 translated to pair 0:0 (0,0)
0 translated to pair 0:0 (0,0)
---> ALLO 5291441
<--- 202 ALLO command ignored
---> STOR file.txt
<--- 150 Opening data connection
GNUTLS: HSK[0x55b8eb62fc50]: CLIENT HELLO was queued [2570 bytes]
<--- 522 Unable to secure data connection
put: Access failed: 522 Unable to secure data connection (file.txt)
closed FD 5
---- Closing data socket
**** Peer closed connection
---- Closing control socket

My question is: can I modify the lftp configuration to use the domain name instead of the raw IP while establishing the data connection, as this would meet the firewall requirements and allow the data transfer to take place? We are not allowed to change the NAT Gateway, so modifying the firewall requirements is not an option.

I have gone through the lftp manual and through Stack Overflow, and couldn't find a direct solution other than modifying the firewall.
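An added example (not part of the question and not lftp code): a small Python parser for the passive-mode replies seen in the log above. It shows why the data socket ends up at a raw address (a 227 reply carries only four dotted-quad bytes and two port bytes, no hostname, so 44,94 becomes port 11358), contrasts it with the EPSV 229 reply that carries only a port, and adds a helper that maps the advertised address back to the control-connection hostname when the two match. The sample replies, hostname and addresses are constructed.

```python
import re
from ipaddress import ip_address
from typing import Optional, Tuple

# Constructed sample replies; the original log masks the address as "ip".
PASV_REPLY = "227 Entering Passive Mode (203,0,113,10,44,94)"
EPSV_REPLY = "229 Entering Extended Passive Mode (|||11358|)"

PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
EPSV_RE = re.compile(r"\(\|\|\|(\d{1,5})\|\)")


def parse_pasv(reply: str) -> Tuple[str, int]:
    """Parse an RFC 959 '227' reply into (ip, port).

    Only an IPv4 address and a port split into two decimal bytes are
    transmitted. No hostname is present, so a client that honours the
    reply literally has nothing but the raw IP for the data connection.
    """
    m = PASV_RE.search(reply) if reply.startswith("227") else None
    if m is None:
        raise ValueError(f"not a well-formed PASV reply: {reply!r}")
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if any(b > 255 for b in (h1, h2, h3, h4, p1, p2)):
        raise ValueError("byte out of range in PASV reply")
    host = f"{h1}.{h2}.{h3}.{h4}"
    ip_address(host)  # raises on an invalid dotted quad
    port = (p1 << 8) | p2
    if port == 0:
        raise ValueError("PASV reply advertised port 0")
    return host, port


def parse_epsv(reply: str) -> int:
    """Parse an RFC 2428 '229' reply; it carries only the port, so the client
    reuses the control-connection host (and therefore its name) for the data socket."""
    m = EPSV_RE.search(reply) if reply.startswith("229") else None
    if m is None or not 0 < int(m.group(1)) < 65536:
        raise ValueError(f"not a well-formed EPSV reply: {reply!r}")
    return int(m.group(1))


def data_server_name(pasv_ip: str, control_host: str, control_ip: str) -> Optional[str]:
    """Name a client could present on the data connection (hypothetical helper).

    If the advertised address equals the address the control hostname resolved
    to, the control hostname is a defensible choice; otherwise there is no
    trustworthy name for the advertised address and None is returned.
    """
    if ip_address(pasv_ip) == ip_address(control_ip):
        return control_host
    return None
```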


Answers (0)
