@Sabrcyclon First of all, what is the purpose of hiding your internal IP's? There is no risk showing that information, as it is internal to your network only! It's your public IP that you might want to keep to yourself...
Anyway...
There are a two things that are different to how I have it set up...
First of all, I have been using Automatic Outbound rules ever since UPnP was updated a few releases back. Don't think this is the culprit though.
But, the ACL settings do not look right to me... You are in fact denying the ability to use one of the key ports for most games, namely "Deamonware port" 3074. And it looks like you deny it for all IP's on your network (192.168.1.0/24). Try deleting that deny entry and see what happens. You might need to reboot your Xboxes or kill the states for them from within pfsense (under Diagnostics / States).
The default deny that you have marked, takes care of safeguarding against any and all devices in your network and prevents them from using UPnP. Then your ACL entries list the two Xboxes with IP's ending 65 and 66 that you have created allow entries for.
What I would look into, if you want to increase security, is to limit the ports available to the Xboxes further, once you get things working. Now you are simply allowing every single port from 0 to max. But that is usually not at all needed and in my case it actually looks like this:
fffd96a1-5b4c-4488-8708-157c54dbe46c-image.png
Only two PC's are allowed to us UPnP. And I have tested and found that for all the games I play, all I need to allow are those few ports starting from 3074 and 28960. With only one PC playing I can get away with just the 3074 and 28960...