If you want to set Filezilla ftp server to handle passive connections on your AWS EC2 instances, you should do the following.
Select non used TCP ports, for example 9024-9048 range
In your AWS EC2 security group, allow the incoming connections on chosen ports:
tcp port 20
tcp port 21
tcp port 9024-9048
If using Windows firewall on you instance, allow connections on same ports.
Now configure Filezilla to use specific port range on Passive connections:
Open Filezilla management console.
Got to: Edit > Settings > Passive Mode Settings
'External Server IP Address for passive mode transfers'
If you use AWS Elastic IP, enter it in "Use the following IP",
if not - use Filezilla provided web service with "Retrieve external IP address from" option.
Check 'Don't use external IP for local connections'
Check 'Use custom port range'
Enter chosen values (in our example) 9024 - 9048 for custom port range.
SiQ systems, Cloud experts