Just add his IPs to the access control list and in your gateway just suffix the sip url with :50070.
I would also be very wary of a provider using this sort of setup as there isn't any need for it, screams cowboy to me, especially when they can't send YOUR calls to a different port.