Mikrotik

Setting up mikrotik port forwarding for the registrar and probably the firewall?

Hello.
There is a mikrotik router, behind it is a video surveillance recorder. In order for video viewing from the recorder to work on a mobile phone through the application, you need to forward TCP port 8000. In the web interface of Mikrotik, I added a NAT rule like this:
Chain = dstnat Protocol = TCP Dst. Port = 8000 In. Interace = spf1 Action = dst-nat To Adresse = 192.168.88.14 To ports = 8000
where 192.168.88.14 is the internal IP of the registrar.
The result is the following:
In the 1st building there is a Mikrotik for which the registrar. In the second, neighboring building, a separate connection of the same provider. Both connections have static external dedicated IP addresses. If you connect to the wifi of the second building from your phone, then viewing the cameras through the application works as it should. And if you disconnect from wifi, then the cameras are no longer available through the network of the mobile operator.
It turns out that the port forwarding itself is working successfully. But only when the mobile device is in the same network of the same provider. I assume that the connection from external networks can be blocked by the firewall, but since Mikrotik is difficult to configure for me, I can’t seem to figure it out with it.
In the firewall at the moment there are such rules, I provide a screen.

These appear to be the default rules. On the screen, the external IP address of the Mikrotik is entered in place of the "external IP".
Can you please tell me if I need to add some rule here? So that packets on port 8000 pass from any external addresses, and not from one subnet of the provider.