So I dont think you have a problem. The SIP INVITE will include the SDP message, and in it will be the negotiated of RTP ports, which the SIP ALG (on the SR520) needs to open. The UC500 is not in play here, and shouldnt, as double NATs will do exactly what you say usually (no voice path).
SO you initial post is correct. UC500 FW is off when you use a router/FW in front of it.
So sounds like you are working OK. Correct?
But, if you are saying that the Call forwarding to a remote number (a mobile for example) is not working for SIP, then there may be something we can do there.
Configure Multicast Paging on the Cisco IP Phone 7800 Series or 8800 Series Multiplatform Phone
The Cisco IP Phone 7800 and 8800 Series Multiplatform Phones provide voice communication over an Internet Protocol (IP) network...
Add Call Park on a Cisco 7800 or 8800 Series Multiplatform Phone Key Expansion Module
Call park allows the user of the phone to put an incoming call on hold so that the call can be retrieved on another phone. A call is park...