First you need to allow the incoming traffic through the NAT of your Vigor. See our FAQ here to configure Open Ports.

Next you need to setup IP Filters, firstly to Block the Open Port you have just created above and then to Pass the specific IP Address(es) you want to allow. In the Default Data Filter (Set #2) of your Vigor go into Filter #2 (ignore the first default rule) and setup the following Block Filter:

Enable and Name the Filter <-- (I called mine 5060 inbound X)
Block If No Further Match <-- (I set my filter option to this)
Direction IN <-- (I set my Direction setting to WAN ->LAN/RT/VPN)
Protocol <-- (I set this to UDP)
Source any <-- (I've set my source to ANY as suggested)
Destination <-- (I've set the destination as my office server IP and subnet)
Destination Start Port <-- (i set this to 5060)

Hit OK and the Vigor is now passing the incoming traffic through NAT, but Blocking it by the above Filter.

In Filter #3 set up the following:

Enable and Name the Filter <-- ( I named this 5060 Inbound O )
Pass Immediately <-- ( I set my filter to Pass Immediately )
Direction IN <-- ( Again I set my direction in to WAN ->LAN/RT/VPN )
Protocol <-- (Set this to UDP)
Source <-- ( I've set this to my local servers IP and Subnet )
Destination IP <-- ( I've set to 37.xxx.xxx.1~37.xxx.xxx.10, which is the remote server that needs to enter through my port to reach my server)
Destination Start Port <-- ( I've set this to 5060 )

Click OK. This Pass Filter will now Pass incoming traffic from the Trusted User on the Internet to the internal Server on the required Port.