A VCSA 6.7 backup may fail with this error. The most common explanation is that this is related to file permissions as described in this article. But what if you're not using an IIS ftp server? I was testing this using FileZilla FTP Server on Windows 10 1809. In my case the service was running as SYSTEM, which already had full access to the FTP directory. In fact it was creating subdirectories, but would fail when attempting to upload a file.
What I discovered was that the VCSA uses passive mode FTP with no option to change that fact. By default passive mode servers choose random ports >1023 and pass them to the client which will then open a data connection to that port as described here. Unfortunately the Windows Firewall on this machine was set in the correct restrictive fashion, so those passive mode ports were never permitted.
It is possible, however, to choose custom passive mode ports in FileZilla. In the server settings I chose to use the range 1024-1048, and then whitelisted those same ports in the firewall. After that the backup completes successfully.
