I believe your correct about passive / active. The inspect command allows for passive FTP, to be permitted.
However in active ftp the client tells the server to talk to me on port 123 and the server attempts to connect, but since there is not a translation for that it is denied, check your logs I suspect you will see this reported there.
The only way i have found to allow active is to explicitly allow it via a ACL rule.
IMO passive is more secure than active so if possible only allow passive to traverse your firewall.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...