FTP Configuration ASA5515x

Hi all, I'm in need of help. I've recently changed my firewall from a 5505 to a 5515x, and although I thought I'd set them up the same, I now can't get a connection to the FTP server. The only thing I see in the log is a built TCP connection, then nothing else. I'm not sure what I've done wrong?

Here is the current config:

Result of the command: "show run"

: Saved
:
ASA Version 8.6(1)17 
!
hostname DERB-00-ASA01
enable password .qEGLVxwCkawUi1I encrypted
passwd 61UDOCC1Y4OThC/1 encrypted
names
!
interface GigabitEthernet0/0
 description Internet
 nameif outside
 security-level 0
 ip address xxx.xxx.xxx.xxx 255.255.255.248 
!
interface GigabitEthernet0/1
 description Unused
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/2
 description Unused
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/3
 description Unused
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/4
 description Unused
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/5
 description Internal LAN
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
!
interface Management0/0
 description Unused
 shutdown
 nameif management
 security-level 100
 no ip address
 management-only
!
boot system disk0:/asa861-17-smp-k8.bin
ftp mode passive
dns domain-lookup outside
dns domain-lookup inside
dns server-group Comex-DNS
 name-server 192.168.1.240
 name-server 8.8.8.8
 domain-name corp.comex
same-security-traffic permit intra-interface
object network Derby-LAN
 subnet 192.168.1.0 255.255.255.0
 description Derby LAN
object network Wednesbury-LAN
 subnet 192.168.10.0 255.255.255.0
 description Wednesbury LAN
object network VM-Netscaler
 subnet xxx.xxx.xxx.xxx 255.255.255.248
 description VM Citrix / Netscaler LAN
object network NAT-Hide
 host xxx.xxx.xxx.xxx
 description Source Traffic Hide
object network Dev-23CCC
 host xxx.xxx.xxx.xxx
 description Developers Server
object network EOS
 host xxx.xxx.xxx.xxx
 description Back Office System
object network Any
 host 0.0.0.0
object network C2S-VPN
 subnet 192.168.5.0 255.255.255.0
 description Client To Site
object network MartynB
 host xxx.xxx.xxx.xxx
object network FTP-Internal
 host 192.168.1.240
object network FTP-Public
 host xxx.xxx.xxx.xxx
object-group service FTP-Services tcp
 port-object eq ftp
 port-object eq ftp-data
object-group network Internal-LANs
 description Inside LAN's
 network-object object Derby-LAN
object-group network Remote-LANs
 description Comex C2S & S2S VPN LAN's
 network-object object Wednesbury-LAN
 network-object object C2S-VPN
object-group network VM-Citrix
 description Virgin Media Citrix / Netscaler Servers
 network-object object VM-Netscaler
access-list VMedia-Inside-ACL extended permit ip object-group Internal-LANs object-group VM-Citrix 
access-list VMedia-Inside-ACL extended permit ip object-group Remote-LANs object-group VM-Citrix 
access-list VMedia-Outside-ACL extended permit ip object NAT-Hide object-group VM-Citrix 
access-list Wednesbury-ACL extended permit ip any object Wednesbury-LAN 
access-list outside_access_in extended permit tcp any object FTP-Internal object-group FTP-Services 
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool C2S-IP-Pool 192.168.5.30-192.168.5.100 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static Internal-LANs NAT-Hide destination static VM-Citrix VM-Citrix unidirectional
nat (outside,outside) source static Remote-LANs NAT-Hide destination static VM-Citrix VM-Citrix unidirectional
nat (inside,outside) source static Internal-LANs Internal-LANs destination static Remote-LANs Remote-LANs unidirectional
nat (outside,inside) source static Remote-LANs Remote-LANs destination static Internal-LANs Internal-LANs unidirectional
nat (outside,outside) source static Remote-LANs Remote-LANs destination static Remote-LANs Remote-LANs unidirectional
nat (inside,outside) source dynamic Internal-LANs interface
nat (outside,outside) source dynamic Remote-LANs interface
nat (inside,outside) source static any any destination static C2S-VPN C2S-VPN no-proxy-arp route-lookup
nat (outside,outside) source static any any destination static FTP-Public FTP-Internal
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Auth-Serve protocol nt
aaa-server Auth-Serve (inside) host 192.168.1.240
 timeout 5
 nt-auth-domain-controller corp.comex
user-identity default-domain LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec security-association lifetime seconds 3600
crypto ipsec security-association lifetime kilobytes 30000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
crypto map Outside-Map 1 match address VMedia-Outside-ACL
crypto map Outside-Map 1 set pfs 
crypto map Outside-Map 1 set peer xxx.xxx.xxx.xxx 
crypto map Outside-Map 1 set ikev1 transform-set ESP-3DES-SHA
crypto map Outside-Map 1 set security-association lifetime seconds 3600
crypto map Outside-Map 1 set nat-t-disable
crypto map Outside-Map 2 match address Wednesbury-ACL
crypto map Outside-Map 2 set pfs 
crypto map Outside-Map 2 set peer xxx.xxx.xxx.xxx 
crypto map Outside-Map 2 set ikev1 transform-set ESP-3DES-SHA
crypto map Outside-Map 2 set security-association lifetime seconds 3600
crypto map Outside-Map 2 set security-association lifetime kilobytes 50000
crypto map Outside-Map 2 set nat-t-disable
crypto map Outside-Map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map Outside-Map interface outside
no crypto isakmp nat-traversal
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl encryption 3des-sha1
webvpn
group-policy S2S-VPN-Policy internal
group-policy S2S-VPN-Policy attributes
 vpn-tunnel-protocol ikev1 
group-policy vpnclient internal
group-policy vpnclient attributes
 wins-server value 192.168.1.240
 dns-server value 192.168.1.240 8.8.8.8
 vpn-tunnel-protocol ikev1 
 default-domain value corp.comex
username Netadmin password M467.jGbvxxttzjt encrypted
tunnel-group xxx.xxx.xxx.xxx type ipsec-l2l
tunnel-group xxx.xxx.xxx.xxx general-attributes
 default-group-policy S2S-VPN-Policy
tunnel-group xxx.xxx.xxx.xxx ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group xxx.xxx.xxx.xxx type ipsec-l2l
tunnel-group xxx.xxx.xxx.xxx general-attributes
 default-group-policy S2S-VPN-Policy
tunnel-group xxx.xxx.xxx.xxx ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group vpnclient type remote-access
tunnel-group vpnclient general-attributes
 address-pool C2S-IP-Pool
 authentication-server-group Auth-Serve
 default-group-policy vpnclient
tunnel-group vpnclient ipsec-attributes
 ikev1 pre-shared-key *****
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect ip-options 
!
service-policy global_policy global
prompt hostname context 
call-home reporting anonymous prompt 2
Cryptochecksum:2c50a82575ee02ad3ee0bea8c9ba8892
: end

Any help would be really appreciated.


2 Replies

Marvin Rhoads
Hall of Fame (accepted solution)

It appears your NAT statement is malformed:

nat (outside,outside) source static any any destination static FTP-Public FTP-Internal

You should specify the outside and inside as the source and destination interfaces.
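
Marvin's fix written out against the posted config, as an added example that is not part of the original thread: the malformed line beside the corrected twice NAT, the object-NAT alternative, and the commands used to confirm the translation. The addresses 203.0.113.5 and 198.51.100.7 are constructed stand-ins for the masked xxx.xxx.xxx.xxx values.

```text
! As posted: real and mapped interface are both "outside". NAT picks the egress
! interface from the real side of the pair, so the un-NATed packet for
! 192.168.1.240 is steered towards outside rather than the inside server,
! which fits the "built" log entry with nothing after it.
nat (outside,outside) source static any any destination static FTP-Public FTP-Internal

! Corrected twice NAT: real interface outside, mapped interface inside.
! Inbound packets to FTP-Public are untranslated to FTP-Internal and sent inside.
nat (outside,inside) source static any any destination static FTP-Public FTP-Internal

! Alternative (use one form or the other, not both): object NAT on the real
! host, written from the inside's point of view.
object network FTP-Internal
 host 192.168.1.240
 nat (inside,outside) static FTP-Public

! From ASA 8.3 the ACL matches the real (untranslated) address, as the posted
! ACL already does; "inspect ftp" in global_policy pinholes the data channel.
access-list outside_access_in extended permit tcp any object FTP-Internal object-group FTP-Services
access-group outside_access_in in interface outside

! Verification. 203.0.113.5 = constructed stand-in for FTP-Public,
! 198.51.100.7 = constructed external client address.
packet-tracer input outside tcp 198.51.100.7 40000 203.0.113.5 21
show nat detail
show xlate
show conn protocol tcp port 21
```

packet-tracer should now show the NAT phase untranslating the destination to 192.168.1.240 and the ACL phase permitting it; a DROP in either phase points at the remaining misconfiguration.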

Ahh, schoolboy error, all working now, thanks Marvin.