Thank you for asking this question in the support community. If the carrier is expecting traffic from an IP address, other than the primary IP address assigned to the public facing interface, then the firewall will need a NAT statement to that address. Also, the media-gateway command should specify the secondary IP address. Here is an example configuration of the interface and firewall configuration:
interface eth 0/1
description INTERNET CONNECTION
ip address 188.8.131.52 255.255.255.248
ip address 184.108.40.206 255.255.255.255 secondary
ip access-policy PUBLIC
media-gateway ip secondary 220.127.116.11
interface eth 0/2
description LAN CONNECTION
ip address 18.104.22.168 255.255.255.0
ip access-policy PRIVATE
media-gateway ip primary
ip policy-class PRIVATE
allow list SIP self
nat source list VOICE address 22.214.171.124 overload
nat source list MATCHALL interface eth 0/1 overload
ip policy-class PUBLIC
allow list SIP self
I hope that makes sense, but please do not hesitate to reply to this post with any additional questions. I will be happy to help in any way I can.
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post to unmark it and select another in its place with the applicable buttons. If you have any additional information on this that others may benefit from, please come back to this post to provide an update. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
Do exactly what Levi says, or just swap the primary and secondary IPs in the configuration so that the voice traffic uses the primary.
Do this from a device on the inside or from the console or you're likely to lock yourself out of the box. Configuring the interface or route via which you are connected is risky at best.
"reload in 15" first can save your butt if you have no other choice. If you lock yourself out, just wait. 15 minutes later the box reboots and your unsaved changes are gone.