As a side note , you can often just allow the whole network of a dhcp provided device at “home” for connections through your firewall, rather than just a host, this is due to the way DHCP is done by the big guys. So look for the CIDR or NetRange in the return from
whois (the current ip address)
that device will always be awarded address within that range, a caveate is that some cable companies will send back a /12 or something from whois, generally a /16 netmask will cover that for the likes of Comcast etc. . Softphones on Cellular networks, not so much 
Previously I posted in
allowing is just the reverse of denying and IWFM 