FreeBSD
Ivan, 2017-03-21 13:41:02

How to forward FTP to cisco?

Hello!
I can't get FTP to a server on the internal network working through a Cisco router. I want to set it up in passive mode. I forward port 21:
ip nat inside source static tcp 1.1.1.1 21 interface Fe4 21
I open access on the WAN interface: permit tcp any Fe4 eq 21. I open access to the dynamic ports (I set the range on the server): permit tcp any Fe4 range 55000 56000
The connection is established, the client is given an IP and a port from the desired range, the permit works, but there is no forwarding to the server on these dynamic ports. I already tried applying ip inspect ftp on both the external and the internal interface, both IN and OUT. But the client stubbornly says it cannot reach this port. ip inspect seems to work:

T: Start ftp session: initiator (xx.220.239.42:39257) -- responder (192.168.1.98:21)
001199: Mar 21 12:46:33.045 PCTime: %FW-6-SESS_AUDIT_TRAIL_START: Start ftp-data session: initiator (xx.220.239.42:5581) -- responder (xxx.xx.xxx.82:55695)
it(config-if)#
001200: Mar 21 12:46:38.123 PCTime: %FW-6-SESS_AUDIT_TRAIL: Stop ftp-data session: initiator (xx.220.239.42:5581) sent 0 bytes -- responder (xxx.xx.xxx.82:55695) sent 0 bytes
001201: Mar 21 12:46:45.545 PCTime: %FW-6 -SESS_AUDIT_TRAIL: Stop ftp session: initiator (xx.220.239.42:39255) sent 657 bytes -- responder (192.168.1.98:21) sent 2188 bytes
001202: Mar 21 12:46:45.549 PCTime: %FW-6-SESS_AUDIT_TRAIL : Stop ftp session: initiator (xx.220.239.42:39257) sent 71 bytes -- responder (192.168.1.98:21) sent 608 bytes

001254: Mar 21 13:06:35.539 PCTime: %SEC-6-IPACCESSLOGP: list WAN-IN permitted tcp xx.220.239.42(31368) -> xxx.xxx.xxx.82(55695), 1 packet
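As an added troubleshooting aid (not part of the original post), the following Python script parses %FW-6-SESS_AUDIT_TRAIL lines in the format quoted above, pairs the Start/Stop records by initiator, and flags ftp-data sessions that show the same symptom: a data channel whose responder is still the outside address rather than the inside server, and which moved zero bytes in both directions. The sample log lines, the documentation-range addresses and the INSIDE_NET subnet are constructed assumptions.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample lines in the %FW-6-SESS_AUDIT_TRAIL format quoted above;
# addresses are documentation ranges, not the poster's masked ones.
SAMPLE_LOG = """\
001198: Mar 21 12:46:30.001 PCTime: %FW-6-SESS_AUDIT_TRAIL_START: Start ftp session: initiator (203.0.113.42:39257) -- responder (192.168.1.98:21)
001199: Mar 21 12:46:33.045 PCTime: %FW-6-SESS_AUDIT_TRAIL_START: Start ftp-data session: initiator (203.0.113.42:5581) -- responder (198.51.100.82:55695)
001200: Mar 21 12:46:38.123 PCTime: %FW-6-SESS_AUDIT_TRAIL: Stop ftp-data session: initiator (203.0.113.42:5581) sent 0 bytes -- responder (198.51.100.82:55695) sent 0 bytes
001202: Mar 21 12:46:45.549 PCTime: %FW-6 -SESS_AUDIT_TRAIL : Stop ftp session: initiator (203.0.113.42:39257) sent 71 bytes -- responder (192.168.1.98:21) sent 608 bytes
"""

INSIDE_NET = ip_network("192.168.1.0/24")  # assumption: subnet of the inside FTP server

# Tolerates the stray spaces seen in the pasted log ("%FW-6 -SESS", "TRAIL :").
LINE_RE = re.compile(
    r"%FW-6\s*-\s*SESS_AUDIT_TRAIL(?:_START)?\s*:\s*(?P<event>Start|Stop) "
    r"(?P<proto>\S+) session: initiator \((?P<iip>[\d.]+):(?P<iport>\d+)\)"
    r"(?: sent (?P<ibytes>\d+) bytes)? -- responder \((?P<rip>[\d.]+):(?P<rport>\d+)\)"
    r"(?: sent (?P<rbytes>\d+) bytes)?"
)


def parse_sessions(log: str) -> list[dict]:
    """Pair Start/Stop lines by (protocol, initiator ip:port) into one record each."""
    sessions: dict[tuple, dict] = {}
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        rec = sessions.setdefault((m["proto"], m["iip"], m["iport"]), {
            "proto": m["proto"], "initiator": f"{m['iip']}:{m['iport']}",
            "rip": m["rip"], "rport": int(m["rport"]), "ibytes": None, "rbytes": None})
        if m["event"] == "Stop":  # only Stop lines carry the byte counters
            rec["ibytes"], rec["rbytes"] = int(m["ibytes"]), int(m["rbytes"])
    return list(sessions.values())


def diagnose(sessions: list[dict]) -> list[str]:
    """Flag ftp-data sessions with the symptom in the question: inspected and permitted,
    but the responder is still the outside address (port not translated) and no bytes flowed."""
    findings = []
    for s in sessions:
        if s["proto"] != "ftp-data":
            continue
        where = f"{s['initiator']} -> {s['rip']}:{s['rport']}"
        if ip_address(s["rip"]) not in INSIDE_NET:
            findings.append(f"{where}: responder is not an inside host, data port not translated")
        if s["ibytes"] == 0 and s["rbytes"] == 0:
            findings.append(f"{where}: zero bytes both ways, data channel never answered")
    return findings
```

Run it against a full `show logging` capture to see every passive data channel that was permitted by the ACL but never reached the inside server.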

1 answer(s)
Ivan, 2017-03-21
@Amigo83

ip inspect only passes the session through the ACL... And how do I forward the range of ports? I made two passive ports on the FTP server and forwarded them: it works, but only in plain mode. Over FTPS it does not work, and ip inspect does not catch FTPS.
And for FTPS to work, it was necessary to register the passive ports in the ACL... It works. Now the question is how to make the ports forwarded dynamically, for example a thousand ports.
