That is, NO FORWARDING. Leave it stock in the router.
Now, on the router find the XBox's IP address on the LAN and put that into the DMZ entry. This way it's going to get all the traffic and look like it's on the Internet. If that fails there could be an ISP issue. There are ISPs that due to their architecture will NEVER give you more than a moderate NAT.
So with that out of the way I can write that here I've never had to do this on our XBox's. Since we never attempt to host a match. https://support.xbox.com/en-US/xbox-one/networking/nat-error-solution
Hello, all. I can't seem to get my Xbox One to have an OPEN NAT. I followed troubleshooting tips and opened ports, as well as gave my Xbox One a static IP that matches what my firewall sees. All IP addressing including subnet and gateway is accurate, and it's still a MODERATE NAT. It's been two days and it's still like this.
Here's Imgur pics showing my PortForwarding config on my router, and my Xbox's NAT status:
* PortForwarding config
* Xbox LIVE still has Moderate NAT