If the SIP server is connected via a RouterOS device - there is nothing in your post that indicates where the server is and how it connects to the world - use the IP firewall filters in the forward chain. Something like below, which makes up a bunch of random networks, and assumes the SIP server is at 10.0.0.2 (real IP address after any NAT).
/ip firewall address-list
add list=permit-sip address=192.168.1.0/24
add list=permit-sip address=172.16.0.0/24
add list=permit-sip address=2.2.2.2
add list=permit-sip address=3.3.3.3
/ip firewall filter
add chain=forward connection-state=established action=accept
add chain=forward connection-state=related action=accept
add chain=forward connection-state=invalid action=drop
add chain=forward src-address-list=permit-sip dst-address=10.0.0.2 action=accept
add chain=forward dst-address=10.0.0.2 action=drop
If that doesn't help, give more details. Way more details. Preferably a network diagram with accurately labeled devices, links, and IP addresses.