I configured my GT-AX6000 yesterday, I've been using the RT-AX88U for the past few years and when testing it still works with Full-Cone NAT. It's only the GT-AX6000 that seems not to so I've had about 28 hours so far with Symmetrical NAT instead of Full-Cone NAT.
NAT =! Security. I don't really understand why some people pretend otherwise. The added security is simply a side effect of NAT. I work as a senior cyber security consultant, and I work mostly with Check Point and Palo Alto deployments. As all government services in my country are being enforced to have native IPv6 supported by Q1 2023 I get into these discussions all the time where people are so afraid of deploying IPv6 because they don't want to have public routable IP addresses within their network. They utilise NAT as some kind of security barrier and have forgotten all about how to manage proper firewalls to safeguard their networks. There is zero need for NAT from a security perspective as long as you have proper firewalling in place.
For home networks it becomes different and most home networks need to rely on UPnP, and as a result of UPnP running on your router it will not only provide you with NAT port mappings, but it will also automatically allow for traffic through the router SPI firewall so you lose all control. For enterprise this is obviously not going to be the case, when doing NAT on an enterprise firewall you will still have to manage your firewall policy accordingly to allow for traffic to traverse NAT.
The reason why I prefer Full-Cone NAT over Symmetrical NAT is that it's pretty much the only way to get around the limitation of having just a single public IPv4 address. If you have a home network that features multiples of the same gaming console, multiple gaming PC's using the same gaming services etc. You run into several frustrating scenarios. Regular UPnP through Symmetrical NAT is not always going to work. There are still a lot of games where P2P is required. You can't really do proper P2P through Symmetrical NAT unless the P2P connection is going to just between you and the game server.
Take a game like Call of Duty: Blackout (I'm not sure if this has changed with more recent Call of Duty games). When doing a private lobby within this game your system (Xbox, PlayStation or gaming PC) is going to host your private lobby locally from your system. UPnP ensures that it is working by telling the router that your local system running 192.168.1.50 is establishing a connection to 193.130.123.40 using local port 34923, and remote port 27031. With Symmetrical NAT return traffic will work, but only when it comes from 193.130.123.40. But your friend A is 193.130.123.40, your friend B is 82.342.23.140. Friend B is not able to connect to your lobby as Symmetrical NAT will not allow for 82.342.23.140 to use the existing port 27031 in order to reach your local system on 192.168.1.50 on local port 34923.
A lot of services do work with Symmetrical NAT as the game is just going to keep utilising UPnP to have additional sessions going. Allowing friend B to reach the lobby via the game utilising UPnP to tell the router that your local system running 192.168.1.50 is establishing a connection to 82.342.23.140 using local port 34924 and remote port 27032.
Things get worse when you start tossing multiple gaming systems into the mix as you are running out of ports. Gaming consoles and games tend to have a limited range of ports they use, so if you exhaust the number of ports you are out of luck.
Full-Cone NAT makes this so much better, as it allows for your gaming session to simply do a 1:1 NAT for whatever ports it needs. Your local system running 192.168.1.50 can simply tell your router that anything you receive on the remote port 27031, just send it to me. Thus friends A and B can utilise the same inbound connection to reach you. From a security perspective, this is less secure, so for people that have no control over their network in any meaningful way, this might not be the way you would like it to be. But for someone who has control, this is vastly superior and is causing a lot fewer headaches.
Port Forwarding will do the same, the problem with manual port forwarding is that you can't forward the same port to multiple IP addresses so you run into a huge mess when you have multiple systems wanting the same ports. Manual port forwarding will be even less secure as it will have the port openings running 24/7, even when they are not needed.
UPnP + Full-Cone NAT is by far the best way for this to work. Then you can have multiple gaming systems battling for the same ports all working. The only scenario where it won't work is if you have too many gaming systems going on all at once and you still run out of ports available for your specific game because even with Full-Cone NAT you can't use the same port twice, but you will most likely never exhaust the number of ports available for whatever game as Full-Cone NAT at least ensures that each gaming device can have multiple incoming connections to the same UPnP opening without having to get a new one going for each remote connection.
With all that being said it's not like you won't survive. If you are on a network that is incapable of doing P2P when gaming, you are still able to connect to others that are capable.