You have setup pfSense as a VM via the OVA.
Your VM that you want to filter its traffic is on a portgroup on a vSwitch with no uplink.
pfSense has 2 NICs – 1. WAN – Using a portgroup that has internet access 2. LAN – Using the same portgroup/vswitch as your VM that needs its traffic filtered.
Turn on promiscuous mode on all vSwitches being used by pfSense and the VM.
Traffic will not pass without promiscuous mode!