I’d say you need to take an hour and read through RFC 3263 which describes how SRV for SIP works.
If you put the port number after a name, then you are bypassing SRV and telling your client to look up the A or AAAA record and connect to the host on that port.
If you just put the name (without port), your client will possibly first look up the NAPTR record for the domain, to see which transport is preferred. Then it will do an SRV lookup to find the hosts and ports corresponding to the preferred transport. Then it will get the IP address and make the connection.
From where your phones are, make sure you can look up the SRV. Use nslookup or dig. Example:
$ dig _sip._tcp.iptel.org. srv
; <<>> DiG 9.10.6 <<>> _sip._tcp.iptel.org. srv
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8175
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_sip._tcp.iptel.org. IN SRV
;; ANSWER SECTION:
_sip._tcp.iptel.org. 577 IN SRV 0 100 5060 sip.iptel.org.
You can see I got a record back for iptel.org telling me for a TCP connection, connect to port 5060 on
sip.iptel.org. Check yours (