Microsoft's current generation games console, the XBox One, is known to often have trouble operating through a NAT router. This problem is not exclusive to FireBrick or even to NAT; this problem may even occur if the XBox is on a real IP address, but with inbound firewalling enabled.
Microsoft publishes a list of ports that are needed, inbound, to the IP address the XBox is using. https://support.microsoft.com/en-gb/help/4026770/xbox-open-these-network-ports-for-xbox-one The important bit is :
First create a ruleset to contain the rules that do the remapping. You need to know a few pieces of information before you proceed.
The ruleset matches anything to the external IP address, and then the individual rules more specifically match the different traffic types and ports, and actually do the mapping.
The ruleset will look something like this :
And then within that ruleset you need to create rules that handle TCP and UDP :
Then within each of these you need to set the ports, traffic type, and the address to rewrite to :
If you are running this in an ISP context (for example a WISP) where each customer may not necessarily have their own 'real' external IPv4 address. This creates a problem if two of your downstream customers both have XBoxes. Provided you have enough address space to enable each customer with an XBox to be allocated their own external address, for that purpose, then this is simply done by adding an extra local address (within the routing section), and then setting up the mappings on a per customer basis.
DHCP may mean that if an XBox isn't used for a long period of time, it get allocated a different address than the one the port maps are configured against. You can protect against this by simply setting up a specific DHCP rule matching the XBox's MAC address.