The two crypto lines are fine its two crypto suites so you can use strong crypto if the other end supports it.
Well this isn't related to using snom phones with your product. I'm seeing contacts with someone at Snom to report these bugs. (and they are bugs). When you use SIP you must honor the contact and port in the registration or use stun to not lie about it. If you try to do it via any other method you will run into issue.
My biggest drive is the interop with FreeSWITCH as I'm one of the core developers of the project.
http://www.freeswitch.org
Thanks,
Brian West