→SIP and NAT
=SIP and NAT=
First, a few comments about SIP, NAT and the FireBrick...
The FireBrick maps ports and IPs for NAT but provides no ALG for SIP or any other protocol. SIP is notoriously difficult with any sort of NAT, with or without ALGs.
We have seen SIP work with FireBricks in this case, where the end device and the SIP call server both do things in just the right strange and non standard way to cope with the mapping, but it is rare. It also usually requires that UDP sessions be configured to be open for a long time on the FireBrick (ongoing-timeout setting on the firewall rules).