Hi, disable or remove your xbox rules and try this rules to "make a DMZ". I use them and works very well:
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=!8291 in-interface=YOUR_WAN_INTERFACE action=dst-nat to-addresses=YOUR_XBOX_IP comment="Redirect all TCP traffic except Winbox access to Xbox"
add chain=dstnat protocol=udp in-interface=YOUR_WAN_INTERFACE action=dst-nat to-addresses=YOUR_XBOX_IP comment="Redirect all UDP traffic to Xbox"
Replace YOUR_XBOX_IP to your Xbox IP address and YOUR_WAN_INTERFACE by your interface connected to internet (ether1, pppoe-out,...)
If this rules don't work for you, please check if you have another router before this Mikrotik and check port forwarding. If you don't have any router before your Mikrotik, call to your ISP and check if you have a public IP or if you are behind a NAT or CGNAT network..
Regards.