These are different subjects. The first is about phones registering to your PBX from random addresses throughout the world, the second is about trunk interaction from your ITSP.
The Responsive Firewall is a specialized firewall component that manages the interaction of your SIP ports with the outside world and is all about people connecting to your server from phones outside your network. If you don’t have anyone connecting from the WWW, there’s no reason to have the Responsive Firewall working.
This firewall works in conjunction with Integrated Firewall, which should be set up to block everything trying to connect to your server, pretty much ‘period’. If you are using the Responsive Firewall, your inbound SIP ports (phones and Flowroute) are managed that way. If you don’t, you have to manage who can connect to your SIP ports manually (more or less) by defining the networks that are trusted.
The second part of your issue: if you are using IP Authentication, there shouldn’t be any registration at all - no username, no password, no registration type, and your authentication is set to ‘None’. The SIP server is your outbound destination.
IIRC, there are several servers that can initiate POTS calls to your PBX from Flowroute. These are documented in the “Match” field so that you don’t have to allow anonymous calling.
So, having said all of that, you need to know where the phones that are supposed to connect to your system are connecting from. If they have fixed addresses, you set them up in the regular firewall as trusted addresses. If they come from random addresses all over the world, the Responsive Firewall will catch them. Note, however, that the Responsive Firewall will only catch bad actors that fail to authenticate. If someone manages to acquire credentials on your machine, the Responsive Firewall will gladly let them in.