Hi,
If you call SIP service in the security policy then It will already have the SIP ALG:
-> get service sip
Name: SIP
Category: other ID: 0 Flag: Pre-defined Session-cache: Disabled
Transport Src port Dst port ICMPtype,code Timeout(min|10sec*) Application
udp 0/65535 5060/5060 1 SIP
tcp 0/65535 5060/5060 30 SIP
--> get alg and check if SIP alg is enabled.
Depending on the ports in the SIP INVITE the firewall will be opening the dynamic ports, NAT gate etc. Is your video part of the SIP call ? Any NAT involved?
May be be you check in the debugs where it's failing : https://kb.juniper.net/InfoCenter/index?page=content&id=KB22365
Other docs for the reference : https://kb.juniper.net/InfoCenter/index?page=content&id=KB9093 , https://kb.juniper.net/InfoCenter/index?page=content&id=KB7407&act=login
If it still doesn't work please let us know the complete call flow and where exactly it's failing.
Thanks,
Vikas