uPNP is not something that can be allowed through the firewall. As it is inherently insecure, you would need to do 1-to-1 NAT to get the full capabilities of the Xbox/PS platforms. Without the 1-to-1 NAT, you'll still be able to get online to download updates or new games, browse the respective marketplaces, etc., but you won't be able to host a multiplayer game (unless something has changed in the last couple years that I'm not current on).
There's an article about it if you want to take a look:
... View more