and made sure to set the MAC address in pfsense to 63:e3.
That seems suspicious. You should not need to set the MAC address if it's using a dedicated NIC (pass through). If you did it implies something else is using that MAC and spoofing it in pfSense will break layer 2. It sounds like you may have ended up with ESXi using that MAC.